Gość utworzono 1 lutego 2011 utworzono 1 lutego 2011 Proszę o zweryfikowanie błędu który pojawił mi się dziś po włączeniu MAfi 2. Po tym nie da się już uruchomić żadnej aplikacji 3d (paski artefakty, przekłamania błędy kolorowy obraz itp) po ponownym uruchomieniu wszystko wraca do normy do czasu włączenia jakiejkolwiek gry. Deinstalacja sterowników i instalacja oryginalnych dołączonych do karty nic nie dała. Poniżej screeny ukazujące problem. [URL=http://img593.imageshack.us/i/beztytuuiqz.jpg/][IMG]http://img593.imageshack.us/img593/2229/beztytuuiqz.th.jpg[/IMG][/URL] Nawet przeglądarka wygląda tak: [URL=http://img228.imageshack.us/i/333cs.jpg/][IMG]http://img228.imageshack.us/img228/7334/333cs.th.jpg[/IMG][/URL] proszę o pomoc. Miałem ten sam problem z poprzednią kartą ATI HD4890 ale tam na jednej wersji sterowników ten problem znikał. Wrzucam kilka logów DDS: [log]UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft� Windows Vista� Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 2009-11-28 14:04:39 System Uptime: 2011-02-01 10:03:30 (0 hours ago) Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA770T-UD3P Processor: AMD Phenom(tm) II X3 720 Processor | Socket M2 | 2100/259mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 98 GiB total, 16,264 GiB free. D: is CDROM () E: is CDROM () G: is FIXED (NTFS) - 368 GiB total, 87,048 GiB free. ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP565: 2011-02-01 08:36:47 - Windows Update RP566: 2011-02-01 09:08:33 - Instalacja pakietu sterownika urz�dzenia: NVIDIA Karty graficzne RP567: 2011-02-01 09:13:29 - Instalacja pakietu sterownika urz�dzenia: NVIDIA Corporation Kontrolery d�wi�ku, wideo i gier RP568: 2011-02-01 09:53:48 - Installed NVIDIA PhysX ==== Installed Programs ====================== @BIOS Ver.2.05 3DMark Vantage 3DMark06 7-Zip 4.65 Adobe Flash Player 10 Plugin Adobe Reader 9.4.1 - Polish ArcaniA - Gothic 4 ArcaniA - Gothic 4 Hotfix ArcaniA - Gothic 4 Patch Ashampoo Burning Studio 6 FREE Avira AntiVir Personal - Free Antivirus Battlefield: Bad Company� 2 BioShock 2 BitLord 1.1 Bluesoleil2.6.0.9 Release 070606 Browser Configuration Utility Burger Rush Call of Duty Modern Warfare 2 Call of Duty(R) - World at War(TM) Call of Duty(R) - World at War(TM) 1.1 Patch Call of Duty(R) - World at War(TM) 1.2 Patch Call of Duty(R) - World at War(TM) 1.3 Patch Call of Duty(R) - World at War(TM) 1.4 Patch Call of Duty(R) - World at War(TM) 1.5 Patch Call of Duty(R) - World at War(TM) 1.6 Patch Call of Duty(R) - World at War(TM) 1.7 Patch Call of Duty(R) 4 - Modern Warfare(TM) Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch Call of Duty: Black Ops Crysis WARHEAD(R) Crysis WARHEAD(R) Patch Crysis(R) Driver Sweeper 2.1.0 EA Download Manager EVEREST Ultimate Edition v5.30 Fallout New Vegas Far Cry 2 Farm Frenzy 3 American Pie Farm Frenzy 3 Madagascar Fraps Futuremark SystemInfo Gadu-Gadu 10 Galeria fotografii us�ugi Windows Live HD Tune 2.55 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) James Cameron's AVATAR(tm): THE GAME Junk Mail filter update LOST PLANET 2 Mafia II - Demo Malwarebytes' Anti-Malware Microsoft Choice Guard Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office Professional Edition 2003 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime Mozilla Firefox (3.6.13) MSI Afterburner 2.0.0 MSI Kombustor v1.0.7 MSVCRT Narz�dzie do przekazywania us�ugi Windows Live NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OpenAL Pity 2009 Poczta us�ugi Windows Live Podstawowe programy Windows Live Prototype(TM) PunkBuster Services Ranch Rush 2 Collectors Edition 1.00 Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek High Definition Audio Driver RESIDENT EVIL 5 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Skype� 4.1 Spybot - Search & Destroy Steam The Sims� 3 The Sims� 3 Kariera The Sims� 3 Nowoczesny apartament Akcesoria The Sims� 3 Po zmroku The Sims� 3 Wymarzone Podr�e Two Worlds II Unigine Heaven Benchmark v2.1 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) WapSter AQQ Windows Live Communications Platform Windows Live Messenger Windows Live Movie Maker Windows Live Sync Windows Live Toolbar Windows Live Writer XviD MPEG-4 Video Codec ==== End Of File =========================== [/log] [log] DDS (Ver_10-03-17.01) - NTFSX64 Run by Mateusz at 10:26:04,97 on 2011-02-01 Internet Explorer: 8.0.6001.18999 Microsoft� Windows Vista� Ultimate 6.0.6002.2.1250.48.1045.18.4093.2625 [GMT 1:00] SP: Spybot - Search andSpybot - *disabled* (Updated) 5DADBE9}F-1B8F-43B4-ACA8-8E3C85DADBE9} SP: AntiVir Desktop *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Spybot - Search and Search *disabled* (Updated) -8E3C85DF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} SP: Search Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C8-8E3C8-8 SP: Search Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C8-8E3C85D ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Fraps 3.2.3\fraps.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files\CoreTemp\CoreTemp64\Core Temp.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe G:\Gry\Mafia 2 Demo\steam.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Fraps 3.2.3\fraps64.dat C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe G:\Patche i programy do instalacji\dds.scr C:\Windows\SysWOW64\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.pozyczka-kredyty.pl mLocal Page = c:\windows\syswow64\blank.htm uURLSearchHooks: DeviceVM Url Search Hook: {0063bf63-bfff-4b8f-9d26-4267df7f17dd} - c:\windows\syswow64\dvmurl.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File TB: RadioBar Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b315} - uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [AQQ] c:\progra~2\wapster\wapste~1\AQQ.exe uRun: [BitComet] "c:\program files (x86)\bitlord\BitLord.exe" uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Steam] "g:\gry\mafia 2 demo\steam.exe" -silent mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&ksport do programu Microsoft Excel - c:\progra~2\mi1933~1\office11\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\mi1933~1\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} {9030D464-4C02-4ABF-8ECC-5164760863C6} {DBC80044-A445-435b-BC74-9C25C1C588A9} TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB-X64: {5B291E6C-9A74-4034-971B-A4B007A0B315} - No File mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun-x64: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s STS-X64: {E31004D1-A431-41B8-826F-E902F9D95C81}: Windows DreamScene Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\users\mateusz\appdata\roaming\mozilla\firefox\profiles\2sma3vnk.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.interia.pl/ FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgba3a4f16a", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgba3a4fra", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\avira\antivir desktop\sched.exe [2009-11-28 135336] R2 AntiVirService;Avira AntiVir Guard;c:\program files (x86)\avira\antivir desktop\avguard.exe [2009-11-28 267944] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-28 83120] R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x64.sys [2009-11-28 19432] R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-7-10 21480] R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-7-3 1153368] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-6-14 248936] R3 FontCache;Us�ug systemu Windows buforowania czcionek;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-2 27648] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-2-1 86120] R3 RTCore64;RTCore64;c:\program files (x86)\msi afterburner\RTCore64.sys [2010-8-31 14648] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe --> c:\windows\system32\atiesrxx.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AmdLLD64;AMD Low Level Device Driver;c:\windows\system32\drivers\AmdLLD64.sys [2010-4-20 47672] S3 ENTECH64;ENTECH64;c:\windows\system32\drivers\Entech64.sys [2009-12-18 12744] S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\lavalys\everest ultimate edition\kerneld.amd64 [2010-11-20 26240] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-12-14 61280] S3 fsssvc;Funkcja Bezpiecze�stwo rodzinne us�ugi Windows Live;c:\program files (x86)\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 PerfHost;Host bibliotek DLL licznik�w wydajno�ci;c:\windows\syswow64\perfhost.exe [2009-12-2 19968] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-12-4 89920] ============== File Associations =============== JSEFile=c:\windows\syswow64\WScript.exe "%1" %* =============== Created Last 30 ================ 2011-02-01 08:23:51 37109 ----a-w- c:\programdata\nvModes.dat 2011-02-01 08:13:21 86120 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2011-02-01 08:13:21 29288 ----a-w- c:\windows\system32\nvhdap64.dll 2011-02-01 08:13:21 255592 ----a-w- c:\windows\system32\nvcohda6.dll 2011-02-01 08:13:17 0 d-----w- C:\NVIDIA 2011-02-01 08:12:34 0 d-----w- c:\programdata\NVIDIA 2011-02-01 08:10:15 0 d-----w- c:\program files (x86)\NVIDIA Corporation 2011-02-01 08:09:12 0 d-----w- c:\programdata\NVIDIA Corporation 2011-02-01 08:09:06 0 d-----w- c:\program files\NVIDIA Corporation 2011-02-01 08:08:20 10787 ----a-w- c:\windows\system32\nvinfo.pb 2011-01-28 22:58:07 0 d-----w- c:\program files (x86)\MSI Kombustor 2011-01-26 10:57:10 0 d-----w- C:\GvTemp 2011-01-23 17:33:39 0 d-----w- c:\windows\usgwmt 2011-01-23 15:22:31 2250024 ----a-w- c:\windows\syswow64\pbsvc.exe 2011-01-21 11:07:47 0 d-----w- c:\program files (x86)\common files\Futuremark Shared 2011-01-21 11:07:28 0 d-----w- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP 2011-01-21 09:50:26 215128 ----a-w- c:\windows\syswow64\PnkBstrB.exe 2011-01-21 09:50:12 75064 ----a-w- c:\windows\syswow64\PnkBstrA.exe 2011-01-20 17:50:01 0 d-sh--w- c:\programdata\SecuROM 2011-01-14 21:29:42 466944 ----a-w- c:\windows\system32\odbc32.dll 2011-01-14 21:29:42 413696 ----a-w- c:\windows\syswow64\odbc32.dll 2011-01-14 21:29:38 1251840 ----a-w- c:\windows\system32\sdclt.exe 2011-01-11 10:47:38 0 d-----w- c:\program files (x86)\MSI Afterburner 2011-01-11 10:22:40 3407 ----a-w- c:\users\mateusz\unigine_20110111_1122.htmlGTX460 dx10 2011-01-11 10:14:40 3405 ----a-w- c:\users\mateusz\unigine_20110111_1114.htmlGTX460 2011-01-11 09:39:00 0 d-----w- c:\users\mateusz\appdata\roaming\NVIDIA ==================== Find3M ==================== 2011-02-01 08:14:41 51200 ----a-w- c:\windows\inf\infpub.dat 2011-02-01 08:14:41 143360 ----a-w- c:\windows\inf\infstrng.dat 2011-02-01 08:13:36 86016 ----a-w- c:\windows\inf\infstor.dat 2011-01-30 19:14:59 671902 ----a-w- c:\windows\system32\perfh015.dat 2011-01-30 19:14:59 130310 ----a-w- c:\windows\system32\perfc015.dat 2011-01-27 10:58:52 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2011-01-27 10:58:52 444952 ----a-w- c:\windows\syswow64\wrap_oal.dll 2011-01-27 10:58:52 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2011-01-27 10:58:51 109080 ----a-w- c:\windows\syswow64\OpenAL32.dll 2011-01-16 20:56:59 472808 ----a-w- c:\windows\syswow64\deployJava1.dll 2010-12-10 08:59:39 23080 ----a-w- c:\windows\gdrv.sys 2010-11-06 11:18:48 500224 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-06 11:18:27 655872 ----a-w- c:\windows\system32\taskschd.dll 2010-11-06 11:18:27 410112 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-06 11:18:13 855040 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-04 23:58:17 267776 ----a-w- c:\windows\system32\taskeng.exe 2010-11-04 18:55:38 352768 ----a-w- c:\windows\syswow64\taskschd.dll 2010-11-04 18:55:38 270336 ----a-w- c:\windows\syswow64\taskcomp.dll 2010-11-04 16:34:06 171520 ----a-w- c:\windows\syswow64\taskeng.exe 2009-12-05 22:32:15 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-01-01 19:11:37 174 --sha-w- c:\program files\desktop.ini 2009-01-01 19:11:37 174 --sha-w- c:\program files (x86)\desktop.ini 2006-12-05 07:10:27 37468 ----a-w- c:\windows\inf\perflib\0415\perfd.dat 2006-12-05 07:10:27 37468 ----a-w- c:\windows\inf\perflib\0415\perfc.dat 2006-12-05 07:10:27 332832 ----a-w- c:\windows\inf\perflib\0415\perfi.dat 2006-12-05 07:10:27 332832 ----a-w- c:\windows\inf\perflib\0415\perfh.dat 2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2010-08-29 10:04:09 262144 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2010-10-08 19:48:03 164352 --sh--w- c:\windows\syswow64\SC.dll ============= FINISH: 10:27:39,64 =============== [/log] Rsit: [log]info.txt logfile of random's system information tool 1.08 2011-02-01 10:32:33 ======Uninstall list====== @BIOS Ver.2.05-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\setup.exe" -l0x9 -removeonly -->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} 3DMark Vantage-->"C:\Program Files (x86)\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe" -runfromtemp -l0x0009 -removeonly 3DMark06-->"C:\Program Files (x86)\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -runfromtemp -l0x0009 -removeonly 7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe" Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.4.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A94000000001} ArcaniA - Gothic 4 Hotfix-->"G:\Gry\Gothic 4\ArcaniA - Gothic 4\unins000.exe" ArcaniA - Gothic 4 Patch-->"G:\Gry\Gothic 4\ArcaniA - Gothic 4\unins001.exe" ArcaniA - Gothic 4-->"G:\Gry\Gothic 4\ArcaniA - Gothic 4\uninstall.exe" Ashampoo Burning Studio 6 FREE-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE Battlefield: Bad Company� 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67} BioShock 2-->"C:\Program Files (x86)\InstallShield Installation Information\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}\setup.exe" -runfromtemp -l0x0409 -removeonly BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000028301} BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000028302} BitLord 1.1-->C:\Program Files (x86)\BitLord\uninst.exe Bluesoleil2.6.0.9 Release 070606-->MsiExec.exe /X{846AC73B-9394-48B9-B941-8F7F472F0047} Browser Configuration Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe" -runfromtemp -l0x0009 -removeonly Burger Rush-->"C:\Windows\Burger Rush\uninstall.exe" "/U:G:\Gry\Ola\Burger rush\Uninstall\uninstall.xml" Call of Duty Modern Warfare 2-->"G:\Gry\Modern Warfare 2\Modern Warfare 2\unins000.exe" Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.3 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{750C87B8-AF19-4C3C-B791-50D9C83AE572}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409 Call of Duty: Black Ops-->"G:\Gry\Call of Duty - Black Ops\unins000.exe" Crysis WARHEAD(R) Patch-->"C:\ProgramData\{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}\setup.exe" REMOVE=TRUE MODIFY=FALSE Crysis WARHEAD(R) Patch-->C:\ProgramData\{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}\setup.exe Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4} Driver Sweeper 2.1.0-->"C:\Program Files (x86)\Phyxion.net\Driver Sweeper\unins000.exe" EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUI\EADMUninstall.exe EVEREST Ultimate Edition v5.30-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe" Fallout New Vegas-->"G:\Gry\Fallout New Vegas\Fallout New Vegas\unins000.exe" Far Cry 2-->"C:\Program Files (x86)\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonly Farm Frenzy 3 American Pie-->"C:\Windows\Farm Frenzy 3 American Pie\uninstall.exe" "/U:G:\Gry\Ola\farm frenzy\Uninstall\uninstall.xml" Farm Frenzy 3 Madagascar-->"G:\Gry\Ola\farm frenzy madagaskar\uninstall.exe" "/U:G:\Gry\Ola\farm frenzy madagaskar\Uninstall\uninstall.xml" Fraps-->"C:\Program Files\Fraps 3.2.3\uninstall.exe" Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe Galeria fotografii us�ugi Windows Live-->MsiExec.exe /X{E39C185F-1240-4BA7-A03B-4FD99805D63E} HD Tune 2.55-->"C:\Program Files (x86)\HD Tune\unins000.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT="" James Cameron's AVATAR(tm): THE GAME-->"C:\Program Files (x86)\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -runfromtemp -l0x0009 -removeonly Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619} LOST PLANET 2-->MsiExec.exe /X{737369DC-08E8-4787-A78C-F86943247BDF} Mafia II - Demo-->"G:\Gry\Mafia 2 Demo\steam.exe" steam://uninstall/50280 Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /X{06E6E30D-B498-442F-A943-07DE41D7F785} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSI Afterburner 2.0.0-->"C:\Program Files (x86)\MSI Afterburner\uninstall.exe" MSI Kombustor v1.0.7-->"C:\Program Files (x86)\MSI Kombustor\unins000.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Narz�dzie do przekazywania us�ugi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U Pity 2009-->"C:\Program Files (x86)\Pity 2009\unins000.exe" Poczta us�ugi Windows Live-->MsiExec.exe /I{C35FE07E-24B5-410F-85B7-122087A0C7DD} Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{C5096D00-8B9C-41DB-8472-9D721E982DF0} Prototype(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\Setup.EXE -runfromtemp -l0x0409 PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u Ranch Rush 2 Collectors Edition 1.00-->G:\Gry\Ola\Ranch Rush 2 Collectors Edition\Uninstall.exe Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup1.exe -runfromtemp -l0x0015 -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly RESIDENT EVIL 5-->MsiExec.exe /X{AC08BBA0-96B9-431A-A7D0-D8598E493775} Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {8EAF4926-5B5D-398A-BA46-4603D8095BDE} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Skype� 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} The Sims� 3 Kariera-->"C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims� 3 Nowoczesny apartament Akcesoria-->"C:\Program Files (x86)\InstallShield Installation Information\{71828142-5A24-4BD0-97E7-976DA08CE6CF}\Sims3SP01Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims� 3 Po zmroku-->"C:\Program Files (x86)\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\Sims3EP03Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims� 3 Wymarzone Podr�e-->"C:\Program Files (x86)\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\Sims3EP01Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims� 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0015 -removeonly Two Worlds II-->G:\Gry\Two Worlds 2\Two Worlds II\Uninstall.exe Unigine Heaven Benchmark v2.1-->MsiExec.exe /I{38468127-9E6F-4FC9-B5F7-42D4AD437D96} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" WapSter AQQ-->C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Messenger-->MsiExec.exe /X{4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0} Windows Live Movie Maker-->MsiExec.exe /X{AA7B0DE4-E3CA-443F-B1CF-418431664C63} Windows Live Sync-->MsiExec.exe /X{E580DFEA-3F1D-4B56-9115-984217032FF5} Windows Live Toolbar-->MsiExec.exe /X{6B6CD6E1-E8F9-4E6E-BB8D-89C57D98A9DD} Windows Live Writer-->MsiExec.exe /X{9AB614A6-719C-4A6E-A63E-831E0A35F62A} XviD MPEG-4 Video Codec-->"C:\Program Files (x86)\XviD\unins000.exe" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AS: Spybot - Search andSpybot - (disabled) AS: AntiVir Desktop AS: Spybot - Search and Destroy (disabled) AS: Spybot - Search and Search (disabled) AS: Windows Defender AS: Search Search and Destroy (disabled) (outdated) AS: Search Search and Destroy (disabled) (outdated) ======System event log====== Computer Name: Mateusz-PC Event Code: 4376 Message: Obs�uga za��da�a ponownego uruchomienia w celu uko�czenia operacji nadawania pakietowi KB2345886(Update) stanu ��dana instalacja(Install Requested). Record Number: 206833 Source Name: Microsoft-Windows-Servicing Time Written: 20101013210711.000000-000 Event Type: Ostrze�enie User: ZARZ�DZANIE NT\SYSTEM Computer Name: Mateusz-PC Event Code: 4386 Message: Obs�uga systemu Windows za��da�a ponownego uruchomienia w celu uko�czenia zmieniania stanu aktualizacji 2345886-79_neutral_GDR z pakietu KB2345886(Update) na ��dana instalacja(Install Requested). Record Number: 206832 Source Name: Microsoft-Windows-Servicing Time Written: 20101013210711.000000-000 Event Type: Informacje User: ZARZ�DZANIE NT\SYSTEM Computer Name: Mateusz-PC Event Code: 4376 Message: Obs�uga za��da�a ponownego uruchomienia w celu uko�czenia operacji nadawania pakietowi KB2345886(Update) stanu ��dana instalacja(Install Requested). Record Number: 206831 Source Name: Microsoft-Windows-Servicing Time Written: 20101013210711.000000-000 Event Type: Ostrze�enie User: ZARZ�DZANIE NT\SYSTEM Computer Name: Mateusz-PC Event Code: 4386 Message: Obs�uga systemu Windows za��da�a ponownego uruchomienia w celu uko�czenia zmieniania stanu aktualizacji 2345886-81_neutral_PACKAGE z pakietu KB2345886(Update) na ��dana instalacja(Install Requested). Record Number: 206830 Source Name: Microsoft-Windows-Servicing Time Written: 20101013210711.000000-000 Event Type: Informacje User: ZARZ�DZANIE NT\SYSTEM Computer Name: Mateusz-PC Event Code: 4376 Message: Obs�uga za��da�a ponownego uruchomienia w celu uko�czenia operacji nadawania pakietowi KB2345886(Update) stanu ��dana instalacja(Install Requested). Record Number: 206829 Source Name: Microsoft-Windows-Servicing Time Written: 20101013210711.000000-000 Event Type: Ostrze�enie User: ZARZ�DZANIE NT\SYSTEM =====Application event log===== Computer Name: Mateusz-PC Event Code: 10000 Message: Rozpoczynanie sesji 1 � 2010-04-06T19:16:22.107Z. Record Number: 16133 Source Name: Microsoft-Windows-RestartManager Time Written: 20100406191622.107713-000 Event Type: Informacje User: Mateusz-PC\Mateusz Computer Name: Mateusz-PC Event Code: 10001 Message: Ko�czenie sesji 1 (rozpocz�cie: 2010-04-06T19:16:21.547Z). Record Number: 16132 Source Name: Microsoft-Windows-RestartManager Time Written: 20100406191621.840713-000 Event Type: Informacje User: Mateusz-PC\Mateusz Computer Name: Mateusz-PC Event Code: 10000 Message: Rozpoczynanie sesji 1 � 2010-04-06T19:16:21.547Z. Record Number: 16131 Source Name: Microsoft-Windows-RestartManager Time Written: 20100406191621.547713-000 Event Type: Informacje User: Mateusz-PC\Mateusz Computer Name: Mateusz-PC Event Code: 1042 Message: Ko�czenie transakcji Instalatora Windows: g:\0b574054b5d15a92780b8bb9\pkg\gfwlclient.msi. Identyfikator procesu klienta: 1400. Record Number: 16130 Source Name: MsiInstaller Time Written: 20100406191622.000000-000 Event Type: Informacje User: ZARZ�DZANIE NT\SYSTEM Computer Name: Mateusz-PC Event Code: 1033 Message: Instalator Windows zainstalowa� produkt. Nazwa produktu: Microsoft Games for Windows - LIVE. Wersja produktu: 3.0.86.0. J�zyk produktu: 1033. Stan powodzenia lub b��du instalacji: 0. Record Number: 16129 Source Name: MsiInstaller Time Written: 20100406191622.000000-000 Event Type: Informacje User: Mateusz-PC\Mateusz =====Security event log===== Computer Name: Mateusz-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpiecze�: S-1-5-19 Nazwa konta: US�UGA LOKALNA Domena konta: ZARZ�DZANIE NT Identyfikator logowania: 0x3e5 Uprawnienia: SeAssignPrimaryTokenPrivilege SeAuditPrivilege SeImpersonatePrivilege Record Number: 68538 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101007210623.112512-000 Event Type: Sukces inspekcji User: Computer Name: Mateusz-PC Event Code: 4624 Message: U�ytkownik pomy�lnie zalogowa� si� na koncie. Podmiot: Identyfikator zabezpiecze�: S-1-5-18 Nazwa konta: MATEUSZ-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpiecze�: S-1-5-19 Nazwa konta: US�UGA LOKALNA Domena konta: ZARZ�DZANIE NT Identyfikator logowania: 0x3e5 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2b8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres �r�d�owy sieci: - Port �r�d�owy: - Szczeg�owe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Us�ugi przej�ciowe: - Nazwa pakietu (tylko NTLM): - D�ugo�� klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do kt�rego zosta� uzyskany dost�p. Pola podmiotu wskazuj� konto w systemie lokalnym, kt�re za��da�o logowania. Najcz�ciej jest to us�uga, na przyk�ad us�uga Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistnia�ego logowania. Najcz�stsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazuj� konto, dla kt�rego zosta�o utworzone nowe logowanie, czyli konto, kt�re zosta�o zalogowane. Pola sieci wskazuj� lokalizacj�, z kt�rej pochodzi�o zdalne ��danie logowania. Nazwa stacji roboczej nie zawsze jest dost�pna i w niekt�rych przypadkach mo�e by� pusta. Pola informacji o uwierzytelnianiu zawieraj� szczeg�owe informacje o tym konkretnym ��daniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomoc� kt�rego mo�na skorelowa� to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Us�ugi przej�ciowe wskazuj�, kt�re us�ugi po�rednie uczestniczy�y w tym ��daniu logowania. - Nazwa pakietu wskazuje, kt�ry protok� podrz�dny spo�r�d protoko��w NTLM zosta� u�yty. - D�ugo�� klucza wskazuje d�ugo�� wygenerowanego klucza sesji. Je�li nie za��dano klucza sesji, jest to warto�� 0. Record Number: 68537 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101007210623.112512-000 Event Type: Sukces inspekcji User: Computer Name: Mateusz-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpiecze�: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZ�DZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 68536 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101007210623.050112-000 Event Type: Sukces inspekcji User: Computer Name: Mateusz-PC Event Code: 4624 Message: U�ytkownik pomy�lnie zalogowa� si� na koncie. Podmiot: Identyfikator zabezpiecze�: S-1-5-18 Nazwa konta: MATEUSZ-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpiecze�: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZ�DZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2b8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres �r�d�owy sieci: - Port �r�d�owy: - Szczeg�owe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Us�ugi przej�ciowe: - Nazwa pakietu (tylko NTLM): - D�ugo�� klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do kt�rego zosta� uzyskany dost�p. Pola podmiotu wskazuj� konto w systemie lokalnym, kt�re za��da�o logowania. Najcz�ciej jest to us�uga, na przyk�ad us�uga Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistnia�ego logowania. Najcz�stsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazuj� konto, dla kt�rego zosta�o utworzone nowe logowanie, czyli konto, kt�re zosta�o zalogowane. Pola sieci wskazuj� lokalizacj�, z kt�rej pochodzi�o zdalne ��danie logowania. Nazwa stacji roboczej nie zawsze jest dost�pna i w niekt�rych przypadkach mo�e by� pusta. Pola informacji o uwierzytelnianiu zawieraj� szczeg�owe informacje o tym konkretnym ��daniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomoc� kt�rego mo�na skorelowa� to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Us�ugi przej�ciowe wskazuj�, kt�re us�ugi po�rednie uczestniczy�y w tym ��daniu logowania. - Nazwa pakietu wskazuje, kt�ry protok� podrz�dny spo�r�d protoko��w NTLM zosta� u�yty. - D�ugo�� klucza wskazuje d�ugo�� wygenerowanego klucza sesji. Je�li nie za��dano klucza sesji, jest to warto�� 0. Record Number: 68535 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101007210623.050112-000 Event Type: Sukces inspekcji User: Computer Name: Mateusz-PC Event Code: 4648 Message: Podj�to pr�b� logowania przy u�yciu jawnych po�wiadcze�. Podmiot: Identyfikator zabezpiecze�: S-1-5-18 Nazwa konta: MATEUSZ-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, kt�rego po�wiadczenia zosta�y u�yte: Nazwa konta: SYSTEM Domena konta: ZARZ�DZANIE NT Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x2b8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Adres sieciowy: - Port: - To zdarzenie jest generowane, gdy proces podejmie pr�b� zalogowania si� na koncie, okre�laj�c w spos�b jawny po�wiadczenia konta. To zdarzenie najcz�ciej wyst�puje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas u�ywania polecenia RUNAS. Record Number: 68534 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101007210623.050112-000 Event Type: Sukces inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft Windows Performance Toolkit\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0402 "NUMBER_OF_PROCESSORS"=3 -----------------EOF----------------- [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Mateusz at 2011-02-01 10:32:23 Microsoft� Windows Vista� Ultimate Service Pack 2 System drive C: has 17 GB (17%) free of 100 GB Total RAM: 4093 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:32:32, on 2011-02-01 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Program Files\Fraps 3.2.3\fraps.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe G:\Gry\Mafia 2 Demo\steam.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\conime.exe G:\Patche i programy do instalacji\GMER.exe G:\Patche i programy do instalacji\RSIT.exe C:\Program Files (x86)\trend micro\Mateusz.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pozyczka-kredyty.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe O4 - HKCU\..\Run: [BitComet] "C:\Program Files (x86)\BitLord\BitLord.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Steam] "G:\Gry\Mafia 2 Demo\steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'US�UGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'US�UGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'US�UGA SIECIOWA') O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8571 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-11-10 281768] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240] "AQQ"=C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe [2010-12-24 8790016] "BitComet"=C:\Program Files (x86)\BitLord\BitLord.exe [2005-05-07 2224128] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968] "Steam"=G:\Gry\Mafia 2 Demo\steam.exe [2011-01-20 1242448] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\SysWOW64\Notepad.exe %1 .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2011-02-01 10:32:23 ----D---- C:\rsit 2011-02-01 09:54:04 ----SHD---- C:\Config.Msi 2011-02-01 09:23:26 ----ASH---- C:\hiberfil.sys 2011-02-01 09:13:17 ----D---- C:\NVIDIA 2011-02-01 09:12:34 ----D---- C:\ProgramData\NVIDIA 2011-02-01 09:10:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2011-02-01 09:09:12 ----D---- C:\ProgramData\NVIDIA Corporation 2011-01-28 23:58:07 ----D---- C:\Program Files (x86)\MSI Kombustor 2011-01-26 11:57:10 ----D---- C:\GvTemp 2011-01-23 18:33:39 ----D---- C:\Windows\usgwmt 2011-01-23 16:22:31 ----A---- C:\Windows\SysWOW64\pbsvc.exe 2011-01-21 12:07:47 ----D---- C:\Program Files (x86)\Common Files\Futuremark Shared 2011-01-21 12:07:28 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP 2011-01-21 10:50:26 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2011-01-21 10:50:12 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2011-01-20 18:50:01 ----SHD---- C:\ProgramData\SecuROM 2011-01-14 22:29:42 ----A---- C:\Windows\SysWOW64\odbc32.dll 2011-01-11 11:47:38 ----D---- C:\Program Files (x86)\MSI Afterburner 2011-01-11 10:39:00 ----D---- C:\Users\Mateusz\AppData\Roaming\NVIDIA 2011-01-05 08:11:36 ----D---- C:\Program Files (x86)\Common Files\Adobe 2011-01-05 08:11:36 ----D---- C:\Program Files (x86)\Adobe 2010-12-20 18:46:57 ----D---- C:\Program Files (x86)\Electronic Arts 2010-12-16 08:55:16 ----A---- C:\Windows\SysWOW64\tzres.dll 2010-12-16 08:55:04 ----A---- C:\Windows\SysWOW64\iertutil.dll 2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\mstime.dll 2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\mshtml.dll 2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\ieframe.dll 2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\ie4uinit.exe 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\wininet.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\urlmon.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\occache.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\licmgr10.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\ieui.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iesetup.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iernonce.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iepeers.dll 2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2010-12-16 08:54:59 ----A---- C:\Windows\SysWOW64\fontsub.dll 2010-12-16 08:54:59 ----A---- C:\Windows\SysWOW64\atmlib.dll 2010-12-16 08:54:59 ----A---- C:\Windows\SysWOW64\atmfd.dll 2010-12-16 08:54:55 ----A---- C:\Windows\SysWOW64\taskschd.dll 2010-12-16 08:54:55 ----A---- C:\Windows\SysWOW64\taskeng.exe 2010-12-16 08:54:55 ----A---- C:\Windows\SysWOW64\taskcomp.dll 2010-12-03 14:46:05 ----D---- C:\Users\Mateusz\AppData\Roaming\Ashampoo 2010-12-03 14:45:59 ----D---- C:\ProgramData\ashampoo 2010-12-03 14:45:56 ----D---- C:\Program Files (x86)\Ashampoo 2010-12-03 14:37:36 ----D---- C:\Users\Mateusz\AppData\Roaming\Nero 2010-12-03 14:36:31 ----D---- C:\ProgramData\Nero 2010-11-26 23:56:15 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2010-11-26 23:56:15 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2010-11-26 23:56:13 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2010-11-20 22:32:07 ----D---- C:\Program Files (x86)\Futuremark 2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2010-11-08 09:54:30 ----D---- C:\Program Files (x86)\Unigine ======List of files/folders modified in the last 3 months====== 2011-02-01 10:32:30 ----D---- C:\Windows\Temp 2011-02-01 10:32:28 ----D---- C:\Program Files (x86)\trend micro 2011-02-01 09:54:11 ----SHD---- C:\Windows\Installer 2011-02-01 09:53:50 ----SHD---- C:\System Volume Information 2011-02-01 09:24:20 ----D---- C:\Windows 2011-02-01 09:23:52 ----HD---- C:\ProgramData 2011-02-01 09:13:41 ----D---- C:\Windows\System32 2011-02-01 09:13:37 ----D---- C:\Windows\inf 2011-02-01 09:10:43 ----D---- C:\Windows\Help 2011-02-01 09:10:15 ----RD---- C:\Program Files (x86) 2011-02-01 09:09:11 ----D---- C:\Windows\SysWOW64 2011-02-01 09:09:06 ----RD---- C:\Program Files 2011-02-01 09:07:03 ----D---- C:\Windows\Prefetch 2011-02-01 09:04:06 ----D---- C:\ProgramData\Spybot - Search & Destroy 2011-02-01 09:04:03 ----D---- C:\Windows\Minidump 2011-01-27 11:58:52 ----D---- C:\Program Files (x86)\OpenAL 2011-01-27 11:58:52 ----A---- C:\Windows\SysWOW64\wrap_oal.dll 2011-01-27 11:58:51 ----A---- C:\Windows\SysWOW64\OpenAL32.dll 2011-01-26 12:00:38 ----D---- C:\Program Files (x86)\GIGABYTE 2011-01-26 11:54:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2011-01-25 22:56:41 ----D---- C:\Program Files (x86)\Common Files 2011-01-23 16:25:07 ----RSD---- C:\Windows\assembly 2011-01-21 11:53:21 ----D---- C:\Users\Mateusz\AppData\Roaming\Bioshock2 2011-01-20 19:55:36 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2011-01-20 19:32:01 ----D---- C:\Program Files (x86)\Common Files\Steam 2011-01-16 21:56:59 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2011-01-16 17:26:15 ----D---- C:\Windows\Debug 2011-01-14 22:30:37 ----D---- C:\Windows\winsxs 2011-01-11 10:03:17 ----D---- C:\Users\Mateusz\AppData\Roaming\ATI 2011-01-09 00:21:11 ----D---- C:\ProgramData\OpenFM 2011-01-05 08:11:39 ----D---- C:\ProgramData\Adobe 2010-12-22 09:30:15 ----D---- C:\Windows\SysWOW64\directx 2010-12-20 18:58:07 ----D---- C:\ProgramData\Electronic Arts 2010-12-17 09:55:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-12-16 09:20:14 ----D---- C:\Windows\rescache 2010-12-16 09:01:19 ----D---- C:\Program Files (x86)\Internet Explorer 2010-12-16 09:01:18 ----D---- C:\Windows\SysWOW64\migration 2010-12-16 09:01:14 ----D---- C:\Windows\SysWOW64\pl-PL 2010-12-16 09:01:14 ----D---- C:\Program Files (x86)\Windows Mail 2010-12-13 10:57:16 ----D---- C:\ProgramData\Media Center Programs 2010-12-11 20:03:44 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-12-08 10:10:22 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2010-12-05 10:18:21 ----A---- C:\Windows\GSetup.ini 2010-11-25 23:45:51 ----D---- C:\Program Files (x86)\Gry.Pl 2010-11-11 19:06:30 ----D---- C:\Program Files (x86)\CCleaner ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976] R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680] R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [] R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [] R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [] R3 ALSysIO;ALSysIO; \??\C:\Users\Mateusz\AppData\Local\Temp\ALSysIO64.sys [] R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 38160] R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 37648] R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-05-23 19728] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [] R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-08-31 14648] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [] R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120] R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248] S3 aio92p4b;aio92p4b; C:\Windows\SysWOW64\drivers\aio92p4b.sys [] S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [] S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] S3 AmdLLD64;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD64.sys [] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [] S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [] S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-23 44688] S3 cpuz130;cpuz130; \??\C:\Users\Mateusz\AppData\Local\Temp\cpuz130\cpuz_x64.sys [] S3 cpuz131;cpuz131; \??\C:\Users\Mateusz\AppData\Local\Temp\cpuz131\cpuz_x64.sys [] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [] S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2004-06-22 5632] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2009-10-02 26240] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-10 23080] S3 GPU-Z;GPU-Z; \??\C:\Users\Mateusz\AppData\Local\Temp\GPU-Z.sys [] S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla us�ugi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 MSKSSRV;Serwer proxy us�ugi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Serwer proxy mened�era jako�ci Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [] S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-10 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-09 267944] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-21 75064] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-14 248936] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-20 407336] S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 fsssvc;Funkcja Bezpiecze�stwo rodzinne us�ugi Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] -----------------EOF----------------- [/log] GMER: [URL=http://img823.imageshack.us/i/beztytuussz.jpg/][IMG]http://img823.imageshack.us/img823/8185/beztytuussz.th.jpg[/IMG][/URL] [color="#0000FF"]//Wstawiam w tagi //Tom01[/color]
Tomek01 komentarz 1 lutego 2011 komentarz 1 lutego 2011 A nie mógłbyś wstawić tych logów w tagi ? Patrzyłeś w podglądzie zdarzeń ? Czy pojawiał Ci się Bsod ? Log z Gmer także, ale na czas wykonania logów odinstaluj sterownik sptd.sys moraz jednostki emulujące napęd, Deamon Tools, Alcohol.
Gość komentarz 1 lutego 2011 komentarz 1 lutego 2011 BBC code z forum mi nie działa. Niebieskich nie było gdyby sie pojawiły dałbym od razu kod błędu a po tym kodzie ze screena nie jesteś w stanie zdiagnozować co jest nie tak? Alkohola nie mam a Deamona dawno odinstalowałem. Jaki log z GMER ? On tworzy logi ? Bo nic mi nie wiadomo. Proszę o pomoc bo jestem bliski stawiania systemu od nowa a nie chciałbym aby na WIndows 7 było to samo...
Tomek01 komentarz 1 lutego 2011 komentarz 1 lutego 2011 Widzę na razie tylko jednego trojana: dvmurl.dll Metro2033.exe to ewidentnie błąd konkretnej gry. A co się pojawia gdy uruchamiasz inne gry ? Koniecznie pokaż mi też logi OTL.
Gość komentarz 1 lutego 2011 komentarz 1 lutego 2011 Napisze tak przy odpaleniu Mafii 2 wyskoczył mi ten komunikat ze screena i potem żadna aplikacja 3D nie uruchomiła się poprawie. Wszystkie kraszowało i zamykało z błędami. [log]OTL logfile created on: 2011-02-01 23:29:44 - Run 6 OTL by OldTimer - Version 3.2.6.0 Folder = G:\Patche i programy do instalacji 64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free 14,00 Gb Paging File | 12,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): c:\pagefile.sys 6138 6138g:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,66 Gb Total Space | 11,94 Gb Free Space | 12,23% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 368,10 Gb Total Space | 121,90 Gb Free Space | 33,12% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MATEUSZ-PC Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-01-21 10:50:12 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010-12-24 09:27:32 | 008,790,016 | ---- | M] (Creative Team S.A.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe PRC - [2010-12-11 20:03:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-12-11 20:03:43 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010-12-09 12:15:26 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010-11-10 00:19:04 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-11-10 00:19:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010-08-31 04:04:16 | 000,355,640 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2010-06-15 03:18:32 | 002,176,944 | ---- | M] (Beepa P/L) -- C:\Program Files\Fraps 3.2.3\fraps.exe PRC - [2010-06-14 00:05:14 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-06-13 13:30:26 | 000,572,416 | ---- | M] (OldTimer Tools) -- G:\Patche i programy do instalacji\OTL.exe PRC - [2010-05-14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009-01-26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2005-05-07 01:47:08 | 002,224,128 | ---- | M] (www.BitLord.com) -- C:\Program Files (x86)\BitLord\BitLord.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-15 02:54:34 | 000,206,768 | ---- | M] (Beepa P/L) -- C:\Program Files\Fraps 3.2.3\fraps32.dll MOD - [2010-06-13 13:30:26 | 000,572,416 | ---- | M] (OldTimer Tools) -- G:\Patche i programy do instalacji\OTL.exe MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2008-01-19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-09-25 02:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache) SRV:[b]64bit:[/b] - [2009-08-18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV:[b]64bit:[/b] - [2009-04-11 08:11:27 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:[b]64bit:[/b] - [2009-04-11 08:11:14 | 000,604,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:[b]64bit:[/b] - [2009-04-11 08:11:04 | 001,149,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine) SRV:[b]64bit:[/b] - [2008-01-19 09:06:50 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2008-01-19 09:00:52 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2008-01-19 09:00:17 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fxssvc.exe -- (Fax) SRV - [2011-01-21 10:50:12 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010-12-09 12:15:26 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-11-10 00:19:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-06-14 00:05:14 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-05-14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010-04-28 06:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010-03-18 13:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 13:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-03-30 05:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2009-01-26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2006-11-02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2006-11-02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2006-11-02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-11-24 09:37:27 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2010-07-09 12:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134) DRV:[b]64bit:[/b] - [2010-03-10 02:48:28 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2010-03-02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2009-12-14 17:10:17 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-12-05 13:04:16 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2009-12-05 13:04:12 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2009-10-01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2009-08-05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2009-04-22 13:32:22 | 000,047,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys -- (AmdLLD64) DRV:[b]64bit:[/b] - [2009-04-11 08:15:30 | 000,160,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol) DRV:[b]64bit:[/b] - [2009-04-11 06:39:51 | 000,275,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService) DRV:[b]64bit:[/b] - [2009-04-11 05:56:24 | 000,460,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:[b]64bit:[/b] - [2009-03-27 01:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132) DRV:[b]64bit:[/b] - [2008-11-29 07:19:28 | 000,028,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2008-11-10 13:26:30 | 000,184,832 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:[b]64bit:[/b] - [2008-04-22 08:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64) DRV:[b]64bit:[/b] - [2008-01-19 07:38:16 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM) DRV:[b]64bit:[/b] - [2007-05-23 03:25:18 | 000,019,728 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btnetdrv.sys -- (BT) DRV:[b]64bit:[/b] - [2007-05-23 03:25:12 | 000,044,688 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btcusb.sys -- (Btcsrusb) DRV:[b]64bit:[/b] - [2007-05-11 02:12:06 | 000,038,160 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\blueletaudio.sys -- (BlueletAudio) DRV:[b]64bit:[/b] - [2007-03-05 04:48:12 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV:[b]64bit:[/b] - [2007-03-05 04:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VcommMgr.sys -- (VcommMgr) DRV:[b]64bit:[/b] - [2007-03-05 04:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VComm.sys -- (VComm) DRV - [2010-12-10 09:59:39 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010-08-31 04:04:20 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009-11-29 14:09:17 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2009-11-28 14:01:43 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC) DRV - [2009-10-02 00:00:00 | 000,026,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 -- (EverestDriver) DRV - [2007-05-23 03:25:18 | 000,019,728 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\btnetdrv.sys -- (BT) DRV - [2007-05-23 03:25:12 | 000,044,688 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007-05-11 02:12:06 | 000,038,160 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007-03-05 04:48:12 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007-03-05 04:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2007-03-05 04:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - [2007-03-05 04:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2007-03-05 04:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VComm.sys -- (VComm) DRV - [2006-09-18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2004-06-22 15:44:50 | 000,005,632 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pozyczka-kredyty.pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.interia.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-11 20:03:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-05 08:12:02 | 000,000,000 | ---D | M] [2010-06-18 10:58:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2011-02-01 08:11:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\2sma3vnk.default\extensions [2010-06-19 13:20:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\2sma3vnk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-25 22:56:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010-07-17 10:54:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-09-17 20:13:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-10-16 21:23:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-01-16 21:57:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-10-21 18:56:47 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-10-21 18:56:47 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-10-21 18:56:47 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010-10-21 18:56:47 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-10-21 18:56:47 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-10-21 18:56:47 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-01-01 11:44:32 | 000,371,260 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 12799 more lines... O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKCU..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.) O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitLord\BitLord.exe (www.BitLord.com) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{fad9dc00-dc1d-11de-b760-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{fad9dc00-dc1d-11de-b760-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-02-01 11:16:41 | 000,255,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll [2011-02-01 11:16:41 | 000,086,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2011-02-01 11:16:41 | 000,029,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2011-02-01 11:16:37 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011-02-01 11:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011-02-01 11:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011-02-01 09:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011-02-01 09:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011-01-28 23:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Kombustor [2011-01-26 11:57:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\temp [2011-01-26 11:57:10 | 000,000,000 | ---D | C] -- C:\GvTemp [2011-01-23 18:33:39 | 000,000,000 | ---D | C] -- C:\Windows\usgwmt [2011-01-21 12:07:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared [2011-01-21 12:07:28 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP [2011-01-20 19:56:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\2K Games [2011-01-20 18:50:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2011-01-16 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\ArcaniA - Gothic 4 [2011-01-14 22:29:42 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011-01-14 22:29:42 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011-01-14 22:29:38 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe [2011-01-11 11:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner [2011-01-11 10:39:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\NVIDIA [2011-01-05 08:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011-01-05 08:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-02-01 23:30:06 | 006,553,600 | -HS- | M] () -- C:\Users\Mateusz\ntuser.dat [2011-02-01 22:20:23 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-02-01 22:17:11 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-02-01 22:17:00 | 000,003,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-01 22:17:00 | 000,003,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-01 22:16:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-02-01 22:16:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-01 22:16:53 | 4292,403,200 | -HS- | M] () -- C:\hiberfil.sys [2011-02-01 17:16:23 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\ntuser.dat{93ac0e6a-8d04-11df-b0c0-00241dd5ef78}.TMContainer00000000000000000001.regtrans-ms [2011-02-01 17:16:23 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\ntuser.dat{93ac0e6a-8d04-11df-b0c0-00241dd5ef78}.TM.blf [2011-02-01 17:16:20 | 003,724,707 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2011-02-01 12:14:39 | 000,002,432 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Tempte4056.html [2011-02-01 11:04:38 | 000,001,460 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\d3d9caps64.dat [2011-02-01 11:04:31 | 000,008,404 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\d3d9caps.dat [2011-01-30 20:14:59 | 001,495,264 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-01-30 20:14:59 | 000,671,902 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-01-30 20:14:59 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-01-30 20:14:59 | 000,130,310 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-01-30 20:14:59 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-01-27 11:58:52 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011-01-27 11:58:52 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011-01-27 11:58:52 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011-01-27 11:58:51 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011-01-26 10:54:56 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-01-26 10:54:56 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-01-23 17:11:12 | 000,000,824 | ---- | M] () -- C:\Users\Mateusz\Desktop\Far Cr 2.lnk [2011-01-23 16:22:31 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2011-01-22 19:49:48 | 000,002,432 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\TempmAu552.html [2011-01-21 10:50:12 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-01-17 08:11:19 | 001,173,920 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2011-01-16 21:56:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011-01-16 15:09:04 | 000,048,128 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-13 09:19:03 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk [2011-01-11 11:22:40 | 000,003,407 | ---- | M] () -- C:\Users\Mateusz\unigine_20110111_1122.htmlGTX460 dx10 [2011-01-11 11:14:40 | 000,003,405 | ---- | M] () -- C:\Users\Mateusz\unigine_20110111_1114.htmlGTX460 [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-01 12:14:35 | 000,002,432 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\Tempte4056.html [2011-02-01 11:28:29 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat [2011-02-01 11:28:29 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001 [2011-02-01 11:28:07 | 4292,403,200 | -HS- | C] () -- C:\hiberfil.sys [2011-02-01 09:08:20 | 000,010,787 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011-01-23 17:06:41 | 000,000,824 | ---- | C] () -- C:\Users\Mateusz\Desktop\Far Cr 2.lnk [2011-01-23 16:22:31 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011-01-22 19:49:41 | 000,002,432 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\TempmAu552.html [2011-01-21 10:50:26 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-01-21 10:50:12 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-01-13 09:19:03 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk [2011-01-11 11:22:40 | 000,003,407 | ---- | C] () -- C:\Users\Mateusz\unigine_20110111_1122.htmlGTX460 dx10 [2011-01-11 11:14:40 | 000,003,405 | ---- | C] () -- C:\Users\Mateusz\unigine_20110111_1114.htmlGTX460 [2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010-10-08 20:48:03 | 000,164,352 | -HS- | C] () -- C:\Windows\SysWow64\SC.dll [2010-02-22 15:28:55 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2010-02-08 06:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\SysWow64\vfprintpthelper.dll [2009-12-28 14:14:46 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2009-12-11 16:36:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2009-12-04 18:49:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009-12-04 18:48:09 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-12-02 16:57:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2009-11-28 19:58:44 | 000,000,275 | ---- | C] () -- C:\Windows\game.ini [2009-11-28 14:14:01 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2006-10-08 23:29:22 | 000,032,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\BTNetFilter.sys [2004-06-06 12:53:42 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2004-06-05 12:56:16 | 000,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll < End of report > [/log]
Tomek01 komentarz 1 lutego 2011 komentarz 1 lutego 2011 Wklej do OTL: [code]:OTL IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.) :Files C:\Users\Mateusz\AppData\Local\Temp*.html :Commands [emtptytemp][/code] RunFix... Gigantycznie rozrośnięty hosts: O1 - Hosts: 12799 more lines... Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. Pokaż tylko nowy log OTL.
Gość komentarz 5 lutego 2011 komentarz 5 lutego 2011 (edytowane) po usunięciu tego nie da się zapisać tego pliku. Pisze że jest tylko do odczytu a ja nie mam uprawnień choć jako administrator w niego klikam. Nowy log po sunięciu z OTL: [url="http://www.speedyshare.com/files/26632308/OTL.Txt"]http://www.speedysha...6632308/OTL.Txt[/url] A więc tak dzisiaj rano włączyłem PC który przywitał mnie zresetowaniem sterownika ekranu. Potem nastąpił biały ekran i 3 restarty. Po czym zresetowałem bios baterią. Wyskoczył komunikat CMOS error load failure i nic się nie stało dalej po resecie wyskoczył bluescreen zatytułowany "attempt to display driver and recover from timeout failed" o kodzie: 0x00000116 (0xFFFFFA8007730010, 0xFFFFFA600671C4C0, 0xFFFFFFC00000B5, 0x000000000000000A) uruchomiłem w trybie awaryjnym ale nawet sterowników do końća nie dało się z panelu usnąc bo witał mnie komunikat " instalator windwos jest uszkodzony" dopiero co sie dało usunałem reszte Driver Sweeperem. uruchamiam komputer normalnie i jako tako działa. Nie wiem co dalej nic nie instaluje usuwam po kolei gry przygotowując do formata. Wrzucam jeszcze kod błędy z dziennika systemu: [url="http://img829.imageshack.us/i/beztytuuixs.jpg/"][img]http://img829.imageshack.us/img829/8864/beztytuuixs.th.jpg[/img][/url] ten błąd wyskoczył z 10 razy. jakieś pomysły? ja będę koło północy dopiero. ktoś zna odpowiedź? I znowu ja. Więc w skrócie gdyby to kogoś interesowało. [b]EDIT@[/b] Format przeprowadzony oraz zainstalowany WIndows 7. Po zainstalowaniu sterowników od płyty przyszedł czas na sterowniki GPU. Wybrałem wersję 258.96 dla 64-bitowego W7 jakiego zainstalowałem. Po ponownym uruchomieniu komputera nie minęło 4 minuty jak przywitała mnie zwiecha systemu zgaśnięcie monitora oraz restart... potem zamiast załadowania systemu przywitał mnie piękny kolorowy ekran pełen barwnych nieustających w ruchu artefaktów. Kółka kwadraty trójkąty paski kropki co tylko byście chcieli. Restart i zwiecha i tak w kółko. Pod odinstalowaniu sterowników w trybie awaryjnym kolejny problem. O ile na Viście dało się normalnie funkcjonować to na W7 już nie próba włączenia filmu z dysku skutkowała zawieszeniem systemu z charakterystycznym urwanym dźwiękiem.... teraz testuję pamięć RAM 1 kość po 4 godzinach Memtesta okazała się sprawna , druga zapewne nie będzie gorsza. Dysk sprawny (skanowałem HDTune) zero badów i innych nieprawidłowości. Zasilacz daje żelazne napięcia. CO nam pozostało? MOBO i GRAFIKA bo bios na czas instalacji przywróciłem do standardowych wartości. Nie wiem co mam robić. Sformatuję dysk raz jeszcze na nowo wgrywając W7 i zostaje mi oddanie grafiki na gwarancję. Nie mam już pomysłu skoro sterowniki sypią wszystko na 2 systemach i sprawdzałem 4 wersje sterowników to chyba wina leży po stronie fizycznej karty. Nic pozostaje nadzieja że to właśnie tu tkwi problem. Ewentualnie wyślę jeszcze na gwarancję MOBO.
Dżakub komentarz 5 lutego 2011 komentarz 5 lutego 2011 Może spróbuj XP 32bit zainstalować (przy włożonych tylko dwóch kościach) i zainstaluj jakieś starsze stery. Pozdrawiam i liczę że komputer "wyzdrowieje".
Dracoo komentarz 5 lutego 2011 komentarz 5 lutego 2011 Nawet jak by działał normalnie na XP to jakaś porażka grać na takim w sprzęcie na DX9.. Więc zastanów się troche co radzisz.. Ale faktycznie najprawdopodobniej grafika się wysypała..
Gość komentarz 5 lutego 2011 komentarz 5 lutego 2011 Idzie na serwis razem z płytą a co z tego wyniknie? Nie omieszkam napisać
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.