x-kom hosting

Krytyczne błedy aplikacji i destabilizacja systemu.

Gość
utworzono
utworzono

Proszę o zweryfikowanie błędu który pojawił mi się dziś po włączeniu MAfi 2. Po tym nie da się już uruchomić żadnej aplikacji 3d (paski artefakty, przekłamania błędy kolorowy obraz itp) po ponownym uruchomieniu wszystko wraca do normy do czasu włączenia jakiejkolwiek gry. Deinstalacja sterowników i instalacja oryginalnych dołączonych do karty nic nie dała. Poniżej screeny ukazujące problem.

[URL=http://img593.imageshack.us/i/beztytuuiqz.jpg/][IMG]http://img593.imageshack.us/img593/2229/beztytuuiqz.th.jpg[/IMG][/URL]

Nawet przeglądarka wygląda tak:
[URL=http://img228.imageshack.us/i/333cs.jpg/][IMG]http://img228.imageshack.us/img228/7334/333cs.th.jpg[/IMG][/URL]

proszę o pomoc. Miałem ten sam problem z poprzednią kartą ATI HD4890 ale tam na jednej wersji sterowników ten problem znikał.

Wrzucam kilka logów
DDS:
[log]UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft� Windows Vista� Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 2009-11-28 14:04:39
System Uptime: 2011-02-01 10:03:30 (0 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA770T-UD3P
Processor: AMD Phenom(tm) II X3 720 Processor | Socket M2 | 2100/259mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 98 GiB total, 16,264 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is FIXED (NTFS) - 368 GiB total, 87,048 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP565: 2011-02-01 08:36:47 - Windows Update
RP566: 2011-02-01 09:08:33 - Instalacja pakietu sterownika urz�dzenia: NVIDIA Karty graficzne
RP567: 2011-02-01 09:13:29 - Instalacja pakietu sterownika urz�dzenia: NVIDIA Corporation Kontrolery d�wi�ku, wideo i gier
RP568: 2011-02-01 09:53:48 - Installed NVIDIA PhysX

==== Installed Programs ======================

@BIOS Ver.2.05
3DMark Vantage
3DMark06
7-Zip 4.65
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1 - Polish
ArcaniA - Gothic 4
ArcaniA - Gothic 4 Hotfix
ArcaniA - Gothic 4 Patch
Ashampoo Burning Studio 6 FREE
Avira AntiVir Personal - Free Antivirus
Battlefield: Bad Company� 2
BioShock 2
BitLord 1.1
Bluesoleil2.6.0.9 Release 070606
Browser Configuration Utility
Burger Rush
Call of Duty Modern Warfare 2
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) - World at War(TM) 1.3 Patch
Call of Duty(R) - World at War(TM) 1.4 Patch
Call of Duty(R) - World at War(TM) 1.5 Patch
Call of Duty(R) - World at War(TM) 1.6 Patch
Call of Duty(R) - World at War(TM) 1.7 Patch
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty: Black Ops
Crysis WARHEAD(R)
Crysis WARHEAD(R) Patch
Crysis(R)
Driver Sweeper 2.1.0
EA Download Manager
EVEREST Ultimate Edition v5.30
Fallout New Vegas
Far Cry 2
Farm Frenzy 3 American Pie
Farm Frenzy 3 Madagascar
Fraps
Futuremark SystemInfo
Gadu-Gadu 10
Galeria fotografii us�ugi Windows Live
HD Tune 2.55
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
James Cameron's AVATAR(tm): THE GAME
Junk Mail filter update
LOST PLANET 2
Mafia II - Demo
Malwarebytes' Anti-Malware
Microsoft Choice Guard
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Mozilla Firefox (3.6.13)
MSI Afterburner 2.0.0
MSI Kombustor v1.0.7
MSVCRT
Narz�dzie do przekazywania us�ugi Windows Live
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
Pity 2009
Poczta us�ugi Windows Live
Podstawowe programy Windows Live
Prototype(TM)
PunkBuster Services
Ranch Rush 2 Collectors Edition 1.00
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
RESIDENT EVIL 5
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Skype� 4.1
Spybot - Search & Destroy
Steam
The Sims� 3
The Sims� 3 Kariera
The Sims� 3 Nowoczesny apartament Akcesoria
The Sims� 3 Po zmroku
The Sims� 3 Wymarzone Podr�e
Two Worlds II
Unigine Heaven Benchmark v2.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
WapSter AQQ
Windows Live Communications Platform
Windows Live Messenger
Windows Live Movie Maker
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
XviD MPEG-4 Video Codec

==== End Of File ===========================
[/log]

[log]
DDS (Ver_10-03-17.01) - NTFSX64
Run by Mateusz at 10:26:04,97 on 2011-02-01
Internet Explorer: 8.0.6001.18999
Microsoft� Windows Vista� Ultimate 6.0.6002.2.1250.48.1045.18.4093.2625 [GMT 1:00]

SP: Spybot - Search andSpybot - *disabled* (Updated) 5DADBE9}F-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: AntiVir Desktop *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Spybot - Search and Search *disabled* (Updated) -8E3C85DF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Search Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C8-8E3C8-8
SP: Search Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C8-8E3C85D

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Fraps 3.2.3\fraps.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files\CoreTemp\CoreTemp64\Core Temp.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
G:\Gry\Mafia 2 Demo\steam.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Fraps 3.2.3\fraps64.dat
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
G:\Patche i programy do instalacji\dds.scr
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.pozyczka-kredyty.pl
mLocal Page = c:\windows\syswow64\blank.htm
uURLSearchHooks: DeviceVM Url Search Hook: {0063bf63-bfff-4b8f-9d26-4267df7f17dd} - c:\windows\syswow64\dvmurl.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: RadioBar Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b315} -
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AQQ] c:\progra~2\wapster\wapste~1\AQQ.exe
uRun: [BitComet] "c:\program files (x86)\bitlord\BitLord.exe"
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Steam] "g:\gry\mafia 2 demo\steam.exe" -silent
mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&ksport do programu Microsoft Excel - c:\progra~2\mi1933~1\office11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {5B291E6C-9A74-4034-971B-A4B007A0B315} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s
STS-X64: {E31004D1-A431-41B8-826F-E902F9D95C81}: Windows DreamScene
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\mateusz\appdata\roaming\mozilla\firefox\profiles\2sma3vnk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.interia.pl/
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgba3a4f16a", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgba3a4fra", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\avira\antivir desktop\sched.exe [2009-11-28 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files (x86)\avira\antivir desktop\avguard.exe [2009-11-28 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-28 83120]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x64.sys [2009-11-28 19432]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-7-10 21480]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-7-3 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-6-14 248936]
R3 FontCache;Us�ug systemu Windows buforowania czcionek;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-2 27648]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-2-1 86120]
R3 RTCore64;RTCore64;c:\program files (x86)\msi afterburner\RTCore64.sys [2010-8-31 14648]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe --> c:\windows\system32\atiesrxx.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AmdLLD64;AMD Low Level Device Driver;c:\windows\system32\drivers\AmdLLD64.sys [2010-4-20 47672]
S3 ENTECH64;ENTECH64;c:\windows\system32\drivers\Entech64.sys [2009-12-18 12744]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\lavalys\everest ultimate edition\kerneld.amd64 [2010-11-20 26240]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-12-14 61280]
S3 fsssvc;Funkcja Bezpiecze�stwo rodzinne us�ugi Windows Live;c:\program files (x86)\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 PerfHost;Host bibliotek DLL licznik�w wydajno�ci;c:\windows\syswow64\perfhost.exe [2009-12-2 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-12-4 89920]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2011-02-01 08:23:51 37109 ----a-w- c:\programdata\nvModes.dat
2011-02-01 08:13:21 86120 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-02-01 08:13:21 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-02-01 08:13:21 255592 ----a-w- c:\windows\system32\nvcohda6.dll
2011-02-01 08:13:17 0 d-----w- C:\NVIDIA
2011-02-01 08:12:34 0 d-----w- c:\programdata\NVIDIA
2011-02-01 08:10:15 0 d-----w- c:\program files (x86)\NVIDIA Corporation
2011-02-01 08:09:12 0 d-----w- c:\programdata\NVIDIA Corporation
2011-02-01 08:09:06 0 d-----w- c:\program files\NVIDIA Corporation
2011-02-01 08:08:20 10787 ----a-w- c:\windows\system32\nvinfo.pb
2011-01-28 22:58:07 0 d-----w- c:\program files (x86)\MSI Kombustor
2011-01-26 10:57:10 0 d-----w- C:\GvTemp
2011-01-23 17:33:39 0 d-----w- c:\windows\usgwmt
2011-01-23 15:22:31 2250024 ----a-w- c:\windows\syswow64\pbsvc.exe
2011-01-21 11:07:47 0 d-----w- c:\program files (x86)\common files\Futuremark Shared
2011-01-21 11:07:28 0 d-----w- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-01-21 09:50:26 215128 ----a-w- c:\windows\syswow64\PnkBstrB.exe
2011-01-21 09:50:12 75064 ----a-w- c:\windows\syswow64\PnkBstrA.exe
2011-01-20 17:50:01 0 d-sh--w- c:\programdata\SecuROM
2011-01-14 21:29:42 466944 ----a-w- c:\windows\system32\odbc32.dll
2011-01-14 21:29:42 413696 ----a-w- c:\windows\syswow64\odbc32.dll
2011-01-14 21:29:38 1251840 ----a-w- c:\windows\system32\sdclt.exe
2011-01-11 10:47:38 0 d-----w- c:\program files (x86)\MSI Afterburner
2011-01-11 10:22:40 3407 ----a-w- c:\users\mateusz\unigine_20110111_1122.htmlGTX460 dx10
2011-01-11 10:14:40 3405 ----a-w- c:\users\mateusz\unigine_20110111_1114.htmlGTX460
2011-01-11 09:39:00 0 d-----w- c:\users\mateusz\appdata\roaming\NVIDIA

==================== Find3M ====================

2011-02-01 08:14:41 51200 ----a-w- c:\windows\inf\infpub.dat
2011-02-01 08:14:41 143360 ----a-w- c:\windows\inf\infstrng.dat
2011-02-01 08:13:36 86016 ----a-w- c:\windows\inf\infstor.dat
2011-01-30 19:14:59 671902 ----a-w- c:\windows\system32\perfh015.dat
2011-01-30 19:14:59 130310 ----a-w- c:\windows\system32\perfc015.dat
2011-01-27 10:58:52 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-27 10:58:52 444952 ----a-w- c:\windows\syswow64\wrap_oal.dll
2011-01-27 10:58:52 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-27 10:58:51 109080 ----a-w- c:\windows\syswow64\OpenAL32.dll
2011-01-16 20:56:59 472808 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-12-10 08:59:39 23080 ----a-w- c:\windows\gdrv.sys
2010-11-06 11:18:48 500224 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:18:27 655872 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:18:27 410112 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:18:13 855040 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 23:58:17 267776 ----a-w- c:\windows\system32\taskeng.exe
2010-11-04 18:55:38 352768 ----a-w- c:\windows\syswow64\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\syswow64\taskcomp.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\syswow64\taskeng.exe
2009-12-05 22:32:15 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-01-01 19:11:37 174 --sha-w- c:\program files\desktop.ini
2009-01-01 19:11:37 174 --sha-w- c:\program files (x86)\desktop.ini
2006-12-05 07:10:27 37468 ----a-w- c:\windows\inf\perflib\0415\perfd.dat
2006-12-05 07:10:27 37468 ----a-w- c:\windows\inf\perflib\0415\perfc.dat
2006-12-05 07:10:27 332832 ----a-w- c:\windows\inf\perflib\0415\perfi.dat
2006-12-05 07:10:27 332832 ----a-w- c:\windows\inf\perflib\0415\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-08-29 10:04:09 262144 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2010-10-08 19:48:03 164352 --sh--w- c:\windows\syswow64\SC.dll

============= FINISH: 10:27:39,64 ===============
[/log]

Rsit:
[log]info.txt logfile of random's system information tool 1.08 2011-02-01 10:32:33

======Uninstall list======

@BIOS Ver.2.05-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\setup.exe" -l0x9 -removeonly
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
3DMark Vantage-->"C:\Program Files (x86)\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe" -runfromtemp -l0x0009 -removeonly
3DMark06-->"C:\Program Files (x86)\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -runfromtemp -l0x0009 -removeonly
7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.4.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A94000000001}
ArcaniA - Gothic 4 Hotfix-->"G:\Gry\Gothic 4\ArcaniA - Gothic 4\unins000.exe"
ArcaniA - Gothic 4 Patch-->"G:\Gry\Gothic 4\ArcaniA - Gothic 4\unins001.exe"
ArcaniA - Gothic 4-->"G:\Gry\Gothic 4\ArcaniA - Gothic 4\uninstall.exe"
Ashampoo Burning Studio 6 FREE-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield: Bad Company� 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
BioShock 2-->"C:\Program Files (x86)\InstallShield Installation Information\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}\setup.exe" -runfromtemp -l0x0409 -removeonly
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000028301}
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000028302}
BitLord 1.1-->C:\Program Files (x86)\BitLord\uninst.exe
Bluesoleil2.6.0.9 Release 070606-->MsiExec.exe /X{846AC73B-9394-48B9-B941-8F7F472F0047}
Browser Configuration Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe" -runfromtemp -l0x0009 -removeonly
Burger Rush-->"C:\Windows\Burger Rush\uninstall.exe" "/U:G:\Gry\Ola\Burger rush\Uninstall\uninstall.xml"
Call of Duty Modern Warfare 2-->"G:\Gry\Modern Warfare 2\Modern Warfare 2\unins000.exe"
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.3 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{750C87B8-AF19-4C3C-B791-50D9C83AE572}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"G:\Gry\Call of Duty - Black Ops\unins000.exe"
Crysis WARHEAD(R) Patch-->"C:\ProgramData\{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R) Patch-->C:\ProgramData\{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}\setup.exe
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Driver Sweeper 2.1.0-->"C:\Program Files (x86)\Phyxion.net\Driver Sweeper\unins000.exe"
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUI\EADMUninstall.exe
EVEREST Ultimate Edition v5.30-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Fallout New Vegas-->"G:\Gry\Fallout New Vegas\Fallout New Vegas\unins000.exe"
Far Cry 2-->"C:\Program Files (x86)\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonly
Farm Frenzy 3 American Pie-->"C:\Windows\Farm Frenzy 3 American Pie\uninstall.exe" "/U:G:\Gry\Ola\farm frenzy\Uninstall\uninstall.xml"
Farm Frenzy 3 Madagascar-->"G:\Gry\Ola\farm frenzy madagaskar\uninstall.exe" "/U:G:\Gry\Ola\farm frenzy madagaskar\Uninstall\uninstall.xml"
Fraps-->"C:\Program Files\Fraps 3.2.3\uninstall.exe"
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe
Galeria fotografii us�ugi Windows Live-->MsiExec.exe /X{E39C185F-1240-4BA7-A03B-4FD99805D63E}
HD Tune 2.55-->"C:\Program Files (x86)\HD Tune\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
James Cameron's AVATAR(tm): THE GAME-->"C:\Program Files (x86)\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -runfromtemp -l0x0009 -removeonly
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
LOST PLANET 2-->MsiExec.exe /X{737369DC-08E8-4787-A78C-F86943247BDF}
Mafia II - Demo-->"G:\Gry\Mafia 2 Demo\steam.exe" steam://uninstall/50280
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{06E6E30D-B498-442F-A943-07DE41D7F785}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSI Afterburner 2.0.0-->"C:\Program Files (x86)\MSI Afterburner\uninstall.exe"
MSI Kombustor v1.0.7-->"C:\Program Files (x86)\MSI Kombustor\unins000.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Narz�dzie do przekazywania us�ugi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Pity 2009-->"C:\Program Files (x86)\Pity 2009\unins000.exe"
Poczta us�ugi Windows Live-->MsiExec.exe /I{C35FE07E-24B5-410F-85B7-122087A0C7DD}
Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Podstawowe programy Windows Live-->MsiExec.exe /I{C5096D00-8B9C-41DB-8472-9D721E982DF0}
Prototype(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\Setup.EXE -runfromtemp -l0x0409
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Ranch Rush 2 Collectors Edition 1.00-->G:\Gry\Ola\Ranch Rush 2 Collectors Edition\Uninstall.exe
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup1.exe -runfromtemp -l0x0015 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
RESIDENT EVIL 5-->MsiExec.exe /X{AC08BBA0-96B9-431A-A7D0-D8598E493775}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {8EAF4926-5B5D-398A-BA46-4603D8095BDE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Skype� 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
The Sims� 3 Kariera-->"C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -runfromtemp -l0x0015 -removeonly
The Sims� 3 Nowoczesny apartament Akcesoria-->"C:\Program Files (x86)\InstallShield Installation Information\{71828142-5A24-4BD0-97E7-976DA08CE6CF}\Sims3SP01Setup.exe" -runfromtemp -l0x0015 -removeonly
The Sims� 3 Po zmroku-->"C:\Program Files (x86)\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\Sims3EP03Setup.exe" -runfromtemp -l0x0015 -removeonly
The Sims� 3 Wymarzone Podr�e-->"C:\Program Files (x86)\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\Sims3EP01Setup.exe" -runfromtemp -l0x0015 -removeonly
The Sims� 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0015 -removeonly
Two Worlds II-->G:\Gry\Two Worlds 2\Two Worlds II\Uninstall.exe
Unigine Heaven Benchmark v2.1-->MsiExec.exe /I{38468127-9E6F-4FC9-B5F7-42D4AD437D96}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
WapSter AQQ-->C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Messenger-->MsiExec.exe /X{4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0}
Windows Live Movie Maker-->MsiExec.exe /X{AA7B0DE4-E3CA-443F-B1CF-418431664C63}
Windows Live Sync-->MsiExec.exe /X{E580DFEA-3F1D-4B56-9115-984217032FF5}
Windows Live Toolbar-->MsiExec.exe /X{6B6CD6E1-E8F9-4E6E-BB8D-89C57D98A9DD}
Windows Live Writer-->MsiExec.exe /X{9AB614A6-719C-4A6E-A63E-831E0A35F62A}
XviD MPEG-4 Video Codec-->"C:\Program Files (x86)\XviD\unins000.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AS: Spybot - Search andSpybot - (disabled)
AS: AntiVir Desktop
AS: Spybot - Search and Destroy (disabled)
AS: Spybot - Search and Search (disabled)
AS: Windows Defender
AS: Search Search and Destroy (disabled) (outdated)
AS: Search Search and Destroy (disabled) (outdated)

======System event log======

Computer Name: Mateusz-PC
Event Code: 4376
Message: Obs�uga za��da�a ponownego uruchomienia w celu uko�czenia operacji nadawania pakietowi KB2345886(Update) stanu ��dana instalacja(Install Requested).
Record Number: 206833
Source Name: Microsoft-Windows-Servicing
Time Written: 20101013210711.000000-000
Event Type: Ostrze�enie
User: ZARZ�DZANIE NT\SYSTEM

Computer Name: Mateusz-PC
Event Code: 4386
Message: Obs�uga systemu Windows za��da�a ponownego uruchomienia w celu uko�czenia zmieniania stanu aktualizacji 2345886-79_neutral_GDR z pakietu KB2345886(Update) na ��dana instalacja(Install Requested).
Record Number: 206832
Source Name: Microsoft-Windows-Servicing
Time Written: 20101013210711.000000-000
Event Type: Informacje
User: ZARZ�DZANIE NT\SYSTEM

Computer Name: Mateusz-PC
Event Code: 4376
Message: Obs�uga za��da�a ponownego uruchomienia w celu uko�czenia operacji nadawania pakietowi KB2345886(Update) stanu ��dana instalacja(Install Requested).
Record Number: 206831
Source Name: Microsoft-Windows-Servicing
Time Written: 20101013210711.000000-000
Event Type: Ostrze�enie
User: ZARZ�DZANIE NT\SYSTEM

Computer Name: Mateusz-PC
Event Code: 4386
Message: Obs�uga systemu Windows za��da�a ponownego uruchomienia w celu uko�czenia zmieniania stanu aktualizacji 2345886-81_neutral_PACKAGE z pakietu KB2345886(Update) na ��dana instalacja(Install Requested).
Record Number: 206830
Source Name: Microsoft-Windows-Servicing
Time Written: 20101013210711.000000-000
Event Type: Informacje
User: ZARZ�DZANIE NT\SYSTEM

Computer Name: Mateusz-PC
Event Code: 4376
Message: Obs�uga za��da�a ponownego uruchomienia w celu uko�czenia operacji nadawania pakietowi KB2345886(Update) stanu ��dana instalacja(Install Requested).
Record Number: 206829
Source Name: Microsoft-Windows-Servicing
Time Written: 20101013210711.000000-000
Event Type: Ostrze�enie
User: ZARZ�DZANIE NT\SYSTEM

=====Application event log=====

Computer Name: Mateusz-PC
Event Code: 10000
Message: Rozpoczynanie sesji 1 � 2010-04-06T19:16:22.107Z.
Record Number: 16133
Source Name: Microsoft-Windows-RestartManager
Time Written: 20100406191622.107713-000
Event Type: Informacje
User: Mateusz-PC\Mateusz

Computer Name: Mateusz-PC
Event Code: 10001
Message: Ko�czenie sesji 1 (rozpocz�cie: 2010-04-06T19:16:21.547Z).
Record Number: 16132
Source Name: Microsoft-Windows-RestartManager
Time Written: 20100406191621.840713-000
Event Type: Informacje
User: Mateusz-PC\Mateusz

Computer Name: Mateusz-PC
Event Code: 10000
Message: Rozpoczynanie sesji 1 � 2010-04-06T19:16:21.547Z.
Record Number: 16131
Source Name: Microsoft-Windows-RestartManager
Time Written: 20100406191621.547713-000
Event Type: Informacje
User: Mateusz-PC\Mateusz

Computer Name: Mateusz-PC
Event Code: 1042
Message: Ko�czenie transakcji Instalatora Windows: g:\0b574054b5d15a92780b8bb9\pkg\gfwlclient.msi. Identyfikator procesu klienta: 1400.
Record Number: 16130
Source Name: MsiInstaller
Time Written: 20100406191622.000000-000
Event Type: Informacje
User: ZARZ�DZANIE NT\SYSTEM

Computer Name: Mateusz-PC
Event Code: 1033
Message: Instalator Windows zainstalowa� produkt. Nazwa produktu: Microsoft Games for Windows - LIVE. Wersja produktu: 3.0.86.0. J�zyk produktu: 1033. Stan powodzenia lub b��du instalacji: 0.
Record Number: 16129
Source Name: MsiInstaller
Time Written: 20100406191622.000000-000
Event Type: Informacje
User: Mateusz-PC\Mateusz

=====Security event log=====

Computer Name: Mateusz-PC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpiecze�: S-1-5-19
Nazwa konta: US�UGA LOKALNA
Domena konta: ZARZ�DZANIE NT
Identyfikator logowania: 0x3e5

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 68538
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101007210623.112512-000
Event Type: Sukces inspekcji
User:

Computer Name: Mateusz-PC
Event Code: 4624
Message: U�ytkownik pomy�lnie zalogowa� si� na koncie.

Podmiot:
Identyfikator zabezpiecze�: S-1-5-18
Nazwa konta: MATEUSZ-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpiecze�: S-1-5-19
Nazwa konta: US�UGA LOKALNA
Domena konta: ZARZ�DZANIE NT
Identyfikator logowania: 0x3e5
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x2b8
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres �r�d�owy sieci: -
Port �r�d�owy: -

Szczeg�owe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Us�ugi przej�ciowe: -
Nazwa pakietu (tylko NTLM): -
D�ugo�� klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do kt�rego zosta� uzyskany dost�p.

Pola podmiotu wskazuj� konto w systemie lokalnym, kt�re za��da�o logowania. Najcz�ciej jest to us�uga, na przyk�ad us�uga Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistnia�ego logowania. Najcz�stsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazuj� konto, dla kt�rego zosta�o utworzone nowe logowanie, czyli konto, kt�re zosta�o zalogowane.

Pola sieci wskazuj� lokalizacj�, z kt�rej pochodzi�o zdalne ��danie logowania. Nazwa stacji roboczej nie zawsze jest dost�pna i w niekt�rych przypadkach mo�e by� pusta.

Pola informacji o uwierzytelnianiu zawieraj� szczeg�owe informacje o tym konkretnym ��daniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomoc� kt�rego mo�na skorelowa� to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Us�ugi przej�ciowe wskazuj�, kt�re us�ugi po�rednie uczestniczy�y w tym ��daniu logowania.
- Nazwa pakietu wskazuje, kt�ry protok� podrz�dny spo�r�d protoko��w NTLM zosta� u�yty.
- D�ugo�� klucza wskazuje d�ugo�� wygenerowanego klucza sesji. Je�li nie za��dano klucza sesji, jest to warto�� 0.
Record Number: 68537
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101007210623.112512-000
Event Type: Sukces inspekcji
User:

Computer Name: Mateusz-PC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpiecze�: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZ�DZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 68536
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101007210623.050112-000
Event Type: Sukces inspekcji
User:

Computer Name: Mateusz-PC
Event Code: 4624
Message: U�ytkownik pomy�lnie zalogowa� si� na koncie.

Podmiot:
Identyfikator zabezpiecze�: S-1-5-18
Nazwa konta: MATEUSZ-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpiecze�: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZ�DZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x2b8
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres �r�d�owy sieci: -
Port �r�d�owy: -

Szczeg�owe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Us�ugi przej�ciowe: -
Nazwa pakietu (tylko NTLM): -
D�ugo�� klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do kt�rego zosta� uzyskany dost�p.

Pola podmiotu wskazuj� konto w systemie lokalnym, kt�re za��da�o logowania. Najcz�ciej jest to us�uga, na przyk�ad us�uga Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistnia�ego logowania. Najcz�stsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazuj� konto, dla kt�rego zosta�o utworzone nowe logowanie, czyli konto, kt�re zosta�o zalogowane.

Pola sieci wskazuj� lokalizacj�, z kt�rej pochodzi�o zdalne ��danie logowania. Nazwa stacji roboczej nie zawsze jest dost�pna i w niekt�rych przypadkach mo�e by� pusta.

Pola informacji o uwierzytelnianiu zawieraj� szczeg�owe informacje o tym konkretnym ��daniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomoc� kt�rego mo�na skorelowa� to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Us�ugi przej�ciowe wskazuj�, kt�re us�ugi po�rednie uczestniczy�y w tym ��daniu logowania.
- Nazwa pakietu wskazuje, kt�ry protok� podrz�dny spo�r�d protoko��w NTLM zosta� u�yty.
- D�ugo�� klucza wskazuje d�ugo�� wygenerowanego klucza sesji. Je�li nie za��dano klucza sesji, jest to warto�� 0.
Record Number: 68535
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101007210623.050112-000
Event Type: Sukces inspekcji
User:

Computer Name: Mateusz-PC
Event Code: 4648
Message: Podj�to pr�b� logowania przy u�yciu jawnych po�wiadcze�.

Podmiot:
Identyfikator zabezpiecze�: S-1-5-18
Nazwa konta: MATEUSZ-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Konto, kt�rego po�wiadczenia zosta�y u�yte:
Nazwa konta: SYSTEM
Domena konta: ZARZ�DZANIE NT
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Serwer docelowy:
Nazwa serwera docelowego: localhost
Informacje dodatkowe: localhost

Informacje o procesie:
Identyfikator procesu: 0x2b8
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Adres sieciowy: -
Port: -

To zdarzenie jest generowane, gdy proces podejmie pr�b� zalogowania si� na koncie, okre�laj�c w spos�b jawny po�wiadczenia konta. To zdarzenie najcz�ciej wyst�puje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas u�ywania polecenia RUNAS.
Record Number: 68534
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101007210623.050112-000
Event Type: Sukces inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft Windows Performance Toolkit\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0402
"NUMBER_OF_PROCESSORS"=3

-----------------EOF-----------------
[/log]

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Mateusz at 2011-02-01 10:32:23
Microsoft� Windows Vista� Ultimate Service Pack 2
System drive C: has 17 GB (17%) free of 100 GB
Total RAM: 4093 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:32, on 2011-02-01
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Program Files\Fraps 3.2.3\fraps.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
G:\Gry\Mafia 2 Demo\steam.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\conime.exe
G:\Patche i programy do instalacji\GMER.exe
G:\Patche i programy do instalacji\RSIT.exe
C:\Program Files (x86)\trend micro\Mateusz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pozyczka-kredyty.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files (x86)\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "G:\Gry\Mafia 2 Demo\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'US�UGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'US�UGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'US�UGA SIECIOWA')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8571 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-11-10 281768]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
"AQQ"=C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe [2010-12-24 8790016]
"BitComet"=C:\Program Files (x86)\BitLord\BitLord.exe [2005-05-07 2224128]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"Steam"=G:\Gry\Mafia 2 Demo\steam.exe [2011-01-20 1242448]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2011-02-01 10:32:23 ----D---- C:\rsit
2011-02-01 09:54:04 ----SHD---- C:\Config.Msi
2011-02-01 09:23:26 ----ASH---- C:\hiberfil.sys
2011-02-01 09:13:17 ----D---- C:\NVIDIA
2011-02-01 09:12:34 ----D---- C:\ProgramData\NVIDIA
2011-02-01 09:10:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-02-01 09:09:12 ----D---- C:\ProgramData\NVIDIA Corporation
2011-01-28 23:58:07 ----D---- C:\Program Files (x86)\MSI Kombustor
2011-01-26 11:57:10 ----D---- C:\GvTemp
2011-01-23 18:33:39 ----D---- C:\Windows\usgwmt
2011-01-23 16:22:31 ----A---- C:\Windows\SysWOW64\pbsvc.exe
2011-01-21 12:07:47 ----D---- C:\Program Files (x86)\Common Files\Futuremark Shared
2011-01-21 12:07:28 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-01-21 10:50:26 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2011-01-21 10:50:12 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
2011-01-20 18:50:01 ----SHD---- C:\ProgramData\SecuROM
2011-01-14 22:29:42 ----A---- C:\Windows\SysWOW64\odbc32.dll
2011-01-11 11:47:38 ----D---- C:\Program Files (x86)\MSI Afterburner
2011-01-11 10:39:00 ----D---- C:\Users\Mateusz\AppData\Roaming\NVIDIA
2011-01-05 08:11:36 ----D---- C:\Program Files (x86)\Common Files\Adobe
2011-01-05 08:11:36 ----D---- C:\Program Files (x86)\Adobe
2010-12-20 18:46:57 ----D---- C:\Program Files (x86)\Electronic Arts
2010-12-16 08:55:16 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-12-16 08:55:04 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-12-16 08:55:02 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\occache.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iesetup.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iernonce.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-12-16 08:55:01 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-12-16 08:54:59 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-12-16 08:54:59 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-12-16 08:54:59 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-12-16 08:54:55 ----A---- C:\Windows\SysWOW64\taskschd.dll
2010-12-16 08:54:55 ----A---- C:\Windows\SysWOW64\taskeng.exe
2010-12-16 08:54:55 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2010-12-03 14:46:05 ----D---- C:\Users\Mateusz\AppData\Roaming\Ashampoo
2010-12-03 14:45:59 ----D---- C:\ProgramData\ashampoo
2010-12-03 14:45:56 ----D---- C:\Program Files (x86)\Ashampoo
2010-12-03 14:37:36 ----D---- C:\Users\Mateusz\AppData\Roaming\Nero
2010-12-03 14:36:31 ----D---- C:\ProgramData\Nero
2010-11-26 23:56:15 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2010-11-26 23:56:15 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2010-11-26 23:56:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2010-11-26 23:56:13 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2010-11-20 22:32:07 ----D---- C:\Program Files (x86)\Futuremark
2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2010-11-16 17:23:10 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2010-11-08 09:54:30 ----D---- C:\Program Files (x86)\Unigine

======List of files/folders modified in the last 3 months======

2011-02-01 10:32:30 ----D---- C:\Windows\Temp
2011-02-01 10:32:28 ----D---- C:\Program Files (x86)\trend micro
2011-02-01 09:54:11 ----SHD---- C:\Windows\Installer
2011-02-01 09:53:50 ----SHD---- C:\System Volume Information
2011-02-01 09:24:20 ----D---- C:\Windows
2011-02-01 09:23:52 ----HD---- C:\ProgramData
2011-02-01 09:13:41 ----D---- C:\Windows\System32
2011-02-01 09:13:37 ----D---- C:\Windows\inf
2011-02-01 09:10:43 ----D---- C:\Windows\Help
2011-02-01 09:10:15 ----RD---- C:\Program Files (x86)
2011-02-01 09:09:11 ----D---- C:\Windows\SysWOW64
2011-02-01 09:09:06 ----RD---- C:\Program Files
2011-02-01 09:07:03 ----D---- C:\Windows\Prefetch
2011-02-01 09:04:06 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-02-01 09:04:03 ----D---- C:\Windows\Minidump
2011-01-27 11:58:52 ----D---- C:\Program Files (x86)\OpenAL
2011-01-27 11:58:52 ----A---- C:\Windows\SysWOW64\wrap_oal.dll
2011-01-27 11:58:51 ----A---- C:\Windows\SysWOW64\OpenAL32.dll
2011-01-26 12:00:38 ----D---- C:\Program Files (x86)\GIGABYTE
2011-01-26 11:54:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-25 22:56:41 ----D---- C:\Program Files (x86)\Common Files
2011-01-23 16:25:07 ----RSD---- C:\Windows\assembly
2011-01-21 11:53:21 ----D---- C:\Users\Mateusz\AppData\Roaming\Bioshock2
2011-01-20 19:55:36 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-01-20 19:32:01 ----D---- C:\Program Files (x86)\Common Files\Steam
2011-01-16 21:56:59 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2011-01-16 17:26:15 ----D---- C:\Windows\Debug
2011-01-14 22:30:37 ----D---- C:\Windows\winsxs
2011-01-11 10:03:17 ----D---- C:\Users\Mateusz\AppData\Roaming\ATI
2011-01-09 00:21:11 ----D---- C:\ProgramData\OpenFM
2011-01-05 08:11:39 ----D---- C:\ProgramData\Adobe
2010-12-22 09:30:15 ----D---- C:\Windows\SysWOW64\directx
2010-12-20 18:58:07 ----D---- C:\ProgramData\Electronic Arts
2010-12-17 09:55:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-12-16 09:20:14 ----D---- C:\Windows\rescache
2010-12-16 09:01:19 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-16 09:01:18 ----D---- C:\Windows\SysWOW64\migration
2010-12-16 09:01:14 ----D---- C:\Windows\SysWOW64\pl-PL
2010-12-16 09:01:14 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-13 10:57:16 ----D---- C:\ProgramData\Media Center Programs
2010-12-11 20:03:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-08 10:10:22 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-12-05 10:18:21 ----A---- C:\Windows\GSetup.ini
2010-11-25 23:45:51 ----D---- C:\Program Files (x86)\Gry.Pl
2010-11-11 19:06:30 ----D---- C:\Program Files (x86)\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys []
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 ALSysIO;ALSysIO; \??\C:\Users\Mateusz\AppData\Local\Temp\ALSysIO64.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 38160]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 37648]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-05-23 19728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys []
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-08-31 14648]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248]
S3 aio92p4b;aio92p4b; C:\Windows\SysWOW64\drivers\aio92p4b.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 AmdLLD64;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD64.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-23 44688]
S3 cpuz130;cpuz130; \??\C:\Users\Mateusz\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 cpuz131;cpuz131; \??\C:\Users\Mateusz\AppData\Local\Temp\cpuz131\cpuz_x64.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2004-06-22 5632]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2009-10-02 26240]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-10 23080]
S3 GPU-Z;GPU-Z; \??\C:\Users\Mateusz\AppData\Local\Temp\GPU-Z.sys []
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla us�ugi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Serwer proxy us�ugi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Serwer proxy mened�era jako�ci Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys []
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-10 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-09 267944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-21 75064]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-14 248936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-20 407336]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 fsssvc;Funkcja Bezpiecze�stwo rodzinne us�ugi Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------
[/log]

GMER:
[URL=http://img823.imageshack.us/i/beztytuussz.jpg/][IMG]http://img823.imageshack.us/img823/8185/beztytuussz.th.jpg[/IMG][/URL]

[color="#0000FF"]//Wstawiam w tagi
//Tom01[/color]

Tomek01
komentarz
komentarz

A nie mógłbyś wstawić tych logów w tagi ? ;)

Patrzyłeś w podglądzie zdarzeń ?
Czy pojawiał Ci się Bsod ?

Log z Gmer także, ale na czas wykonania logów odinstaluj sterownik sptd.sys moraz jednostki emulujące napęd, Deamon Tools, Alcohol.

Gość
komentarz
komentarz

BBC code z forum mi nie działa. Niebieskich nie było gdyby sie pojawiły dałbym od razu kod błędu ;) a po tym kodzie ze screena nie jesteś w stanie zdiagnozować co jest nie tak? Alkohola nie mam a Deamona dawno odinstalowałem. Jaki log z GMER ? On tworzy logi ? Bo nic mi nie wiadomo. Proszę o pomoc bo jestem bliski stawiania systemu od nowa a nie chciałbym aby na WIndows 7 było to samo...

Tomek01
komentarz
komentarz

Widzę na razie tylko jednego trojana: dvmurl.dll
Metro2033.exe to ewidentnie błąd konkretnej gry.
A co się pojawia gdy uruchamiasz inne gry ?

Koniecznie pokaż mi też logi OTL.

Gość
komentarz
komentarz

Napisze tak przy odpaleniu Mafii 2 wyskoczył mi ten komunikat ze screena i potem żadna aplikacja 3D nie uruchomiła się poprawie. Wszystkie kraszowało i zamykało z błędami.

[log]OTL logfile created on: 2011-02-01 23:29:44 - Run 6
OTL by OldTimer - Version 3.2.6.0 Folder = G:\Patche i programy do instalacji
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
14,00 Gb Paging File | 12,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): c:\pagefile.sys 6138 6138g:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 11,94 Gb Free Space | 12,23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 368,10 Gb Total Space | 121,90 Gb Free Space | 33,12% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MATEUSZ-PC
Current User Name: Mateusz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-01-21 10:50:12 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-12-24 09:27:32 | 008,790,016 | ---- | M] (Creative Team S.A.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
PRC - [2010-12-11 20:03:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-12-11 20:03:43 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-12-09 12:15:26 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-11-10 00:19:04 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-11-10 00:19:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010-08-31 04:04:16 | 000,355,640 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010-06-15 03:18:32 | 002,176,944 | ---- | M] (Beepa P/L) -- C:\Program Files\Fraps 3.2.3\fraps.exe
PRC - [2010-06-14 00:05:14 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-06-13 13:30:26 | 000,572,416 | ---- | M] (OldTimer Tools) -- G:\Patche i programy do instalacji\OTL.exe
PRC - [2010-05-14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009-01-26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2005-05-07 01:47:08 | 002,224,128 | ---- | M] (www.BitLord.com) -- C:\Program Files (x86)\BitLord\BitLord.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-06-15 02:54:34 | 000,206,768 | ---- | M] (Beepa P/L) -- C:\Program Files\Fraps 3.2.3\fraps32.dll
MOD - [2010-06-13 13:30:26 | 000,572,416 | ---- | M] (OldTimer Tools) -- G:\Patche i programy do instalacji\OTL.exe
MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008-01-19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009-09-25 02:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2009-08-18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:[b]64bit:[/b] - [2009-04-11 08:11:27 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:[b]64bit:[/b] - [2009-04-11 08:11:14 | 000,604,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:[b]64bit:[/b] - [2009-04-11 08:11:04 | 001,149,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2008-01-19 09:06:50 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2008-01-19 09:00:52 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2008-01-19 09:00:17 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fxssvc.exe -- (Fax)
SRV - [2011-01-21 10:50:12 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-12-09 12:15:26 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-11-10 00:19:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-06-14 00:05:14 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-05-14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010-04-28 06:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010-03-18 13:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-03-30 05:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009-01-26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2006-11-02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006-11-02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006-11-02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-11-24 09:37:27 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2010-07-09 12:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2010-03-10 02:48:28 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2010-03-02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2009-12-14 17:10:17 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2009-12-05 13:04:16 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2009-12-05 13:04:12 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2009-10-01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009-08-05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2009-04-22 13:32:22 | 000,047,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys -- (AmdLLD64)
DRV:[b]64bit:[/b] - [2009-04-11 08:15:30 | 000,160,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2009-04-11 06:39:51 | 000,275,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2009-04-11 05:56:24 | 000,460,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:[b]64bit:[/b] - [2009-03-27 01:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:[b]64bit:[/b] - [2008-11-29 07:19:28 | 000,028,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER)
DRV:[b]64bit:[/b] - [2008-11-10 13:26:30 | 000,184,832 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:[b]64bit:[/b] - [2008-04-22 08:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64)
DRV:[b]64bit:[/b] - [2008-01-19 07:38:16 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:[b]64bit:[/b] - [2007-05-23 03:25:18 | 000,019,728 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btnetdrv.sys -- (BT)
DRV:[b]64bit:[/b] - [2007-05-23 03:25:12 | 000,044,688 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btcusb.sys -- (Btcsrusb)
DRV:[b]64bit:[/b] - [2007-05-11 02:12:06 | 000,038,160 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV:[b]64bit:[/b] - [2007-03-05 04:48:12 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV:[b]64bit:[/b] - [2007-03-05 04:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VcommMgr.sys -- (VcommMgr)
DRV:[b]64bit:[/b] - [2007-03-05 04:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VComm.sys -- (VComm)
DRV - [2010-12-10 09:59:39 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010-08-31 04:04:20 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009-11-29 14:09:17 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-11-28 14:01:43 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2009-10-02 00:00:00 | 000,026,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 -- (EverestDriver)
DRV - [2007-05-23 03:25:18 | 000,019,728 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\btnetdrv.sys -- (BT)
DRV - [2007-05-23 03:25:12 | 000,044,688 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007-05-11 02:12:06 | 000,038,160 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007-03-05 04:48:12 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007-03-05 04:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2007-03-05 04:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2007-03-05 04:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007-03-05 04:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VComm.sys -- (VComm)
DRV - [2006-09-18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2004-06-22 15:44:50 | 000,005,632 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pozyczka-kredyty.pl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.interia.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-11 20:03:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-05 08:12:02 | 000,000,000 | ---D | M]

[2010-06-18 10:58:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2011-02-01 08:11:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\2sma3vnk.default\extensions
[2010-06-19 13:20:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\2sma3vnk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-01-25 22:56:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-07-17 10:54:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-09-17 20:13:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-16 21:23:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-16 21:57:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-10-21 18:56:47 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-10-21 18:56:47 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-10-21 18:56:47 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-10-21 18:56:47 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-10-21 18:56:47 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-10-21 18:56:47 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-01-01 11:44:32 | 000,371,260 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 12799 more lines...
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitLord\BitLord.exe (www.BitLord.com)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{fad9dc00-dc1d-11de-b760-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fad9dc00-dc1d-11de-b760-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-02-01 11:16:41 | 000,255,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll
[2011-02-01 11:16:41 | 000,086,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011-02-01 11:16:41 | 000,029,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011-02-01 11:16:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-02-01 11:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011-02-01 11:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011-02-01 09:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011-02-01 09:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011-01-28 23:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Kombustor
[2011-01-26 11:57:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\temp
[2011-01-26 11:57:10 | 000,000,000 | ---D | C] -- C:\GvTemp
[2011-01-23 18:33:39 | 000,000,000 | ---D | C] -- C:\Windows\usgwmt
[2011-01-21 12:07:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared
[2011-01-21 12:07:28 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
[2011-01-20 19:56:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\2K Games
[2011-01-20 18:50:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011-01-16 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\ArcaniA - Gothic 4
[2011-01-14 22:29:42 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011-01-14 22:29:42 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011-01-14 22:29:38 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2011-01-11 11:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2011-01-11 10:39:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\NVIDIA
[2011-01-05 08:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011-01-05 08:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-02-01 23:30:06 | 006,553,600 | -HS- | M] () -- C:\Users\Mateusz\ntuser.dat
[2011-02-01 22:20:23 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011-02-01 22:17:11 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011-02-01 22:17:00 | 000,003,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-02-01 22:17:00 | 000,003,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-02-01 22:16:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-02-01 22:16:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-02-01 22:16:53 | 4292,403,200 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-01 17:16:23 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\ntuser.dat{93ac0e6a-8d04-11df-b0c0-00241dd5ef78}.TMContainer00000000000000000001.regtrans-ms
[2011-02-01 17:16:23 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\ntuser.dat{93ac0e6a-8d04-11df-b0c0-00241dd5ef78}.TM.blf
[2011-02-01 17:16:20 | 003,724,707 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2011-02-01 12:14:39 | 000,002,432 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Tempte4056.html
[2011-02-01 11:04:38 | 000,001,460 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\d3d9caps64.dat
[2011-02-01 11:04:31 | 000,008,404 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\d3d9caps.dat
[2011-01-30 20:14:59 | 001,495,264 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-01-30 20:14:59 | 000,671,902 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-01-30 20:14:59 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-01-30 20:14:59 | 000,130,310 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-01-30 20:14:59 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-01-27 11:58:52 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-01-27 11:58:52 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-01-27 11:58:52 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011-01-27 11:58:51 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011-01-26 10:54:56 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-01-26 10:54:56 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-01-23 17:11:12 | 000,000,824 | ---- | M] () -- C:\Users\Mateusz\Desktop\Far Cr 2.lnk
[2011-01-23 16:22:31 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-01-22 19:49:48 | 000,002,432 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\TempmAu552.html
[2011-01-21 10:50:12 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-01-17 08:11:19 | 001,173,920 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2011-01-16 21:56:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011-01-16 15:09:04 | 000,048,128 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-13 09:19:03 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-01-11 11:22:40 | 000,003,407 | ---- | M] () -- C:\Users\Mateusz\unigine_20110111_1122.htmlGTX460 dx10
[2011-01-11 11:14:40 | 000,003,405 | ---- | M] () -- C:\Users\Mateusz\unigine_20110111_1114.htmlGTX460
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-01 12:14:35 | 000,002,432 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\Tempte4056.html
[2011-02-01 11:28:29 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011-02-01 11:28:29 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011-02-01 11:28:07 | 4292,403,200 | -HS- | C] () -- C:\hiberfil.sys
[2011-02-01 09:08:20 | 000,010,787 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011-01-23 17:06:41 | 000,000,824 | ---- | C] () -- C:\Users\Mateusz\Desktop\Far Cr 2.lnk
[2011-01-23 16:22:31 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-01-22 19:49:41 | 000,002,432 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\TempmAu552.html
[2011-01-21 10:50:26 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-01-21 10:50:12 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-01-13 09:19:03 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-01-11 11:22:40 | 000,003,407 | ---- | C] () -- C:\Users\Mateusz\unigine_20110111_1122.htmlGTX460 dx10
[2011-01-11 11:14:40 | 000,003,405 | ---- | C] () -- C:\Users\Mateusz\unigine_20110111_1114.htmlGTX460
[2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010-10-08 20:48:03 | 000,164,352 | -HS- | C] () -- C:\Windows\SysWow64\SC.dll
[2010-02-22 15:28:55 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-02-08 06:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\SysWow64\vfprintpthelper.dll
[2009-12-28 14:14:46 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009-12-11 16:36:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009-12-04 18:49:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009-12-04 18:48:09 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-12-02 16:57:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009-11-28 19:58:44 | 000,000,275 | ---- | C] () -- C:\Windows\game.ini
[2009-11-28 14:14:01 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2006-10-08 23:29:22 | 000,032,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\BTNetFilter.sys
[2004-06-06 12:53:42 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2004-06-05 12:56:16 | 000,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
< End of report >
[/log]

Tomek01
komentarz
komentarz

Wklej do OTL:
[code]:OTL
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)

:Files
C:\Users\Mateusz\AppData\Local\Temp*.html

:Commands
[emtptytemp][/code]
RunFix...


Gigantycznie rozrośnięty hosts:
O1 - Hosts: 12799 more lines...

Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter.
Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany.

Pokaż tylko nowy log OTL.

Gość
komentarz
komentarz (edytowane)

po usunięciu tego nie da się zapisać tego pliku. Pisze że jest tylko do odczytu a ja nie mam uprawnień choć jako administrator w niego klikam. Nowy log po sunięciu z OTL: [url="http://www.speedyshare.com/files/26632308/OTL.Txt"]http://www.speedysha...6632308/OTL.Txt[/url]

A więc tak dzisiaj rano włączyłem PC który przywitał mnie zresetowaniem sterownika ekranu. Potem nastąpił biały ekran i 3 restarty. Po czym zresetowałem bios baterią. Wyskoczył komunikat CMOS error load failure i nic się nie stało dalej po resecie wyskoczył bluescreen zatytułowany "attempt to display driver and recover from timeout failed" o kodzie:

0x00000116 (0xFFFFFA8007730010, 0xFFFFFA600671C4C0, 0xFFFFFFC00000B5, 0x000000000000000A)

uruchomiłem w trybie awaryjnym ale nawet sterowników do końća nie dało się z panelu usnąc bo witał mnie komunikat " instalator windwos jest uszkodzony" dopiero co sie dało usunałem reszte Driver Sweeperem. uruchamiam komputer normalnie i jako tako działa. Nie wiem co dalej nic nie instaluje usuwam po kolei gry przygotowując do formata. Wrzucam jeszcze kod błędy z dziennika systemu:
[url="http://img829.imageshack.us/i/beztytuuixs.jpg/"][img]http://img829.imageshack.us/img829/8864/beztytuuixs.th.jpg[/img][/url]

ten błąd wyskoczył z 10 razy.

jakieś pomysły? ja będę koło północy dopiero.

ktoś zna odpowiedź?

I znowu ja. Więc w skrócie gdyby to kogoś interesowało.



[b]EDIT@[/b]

Format przeprowadzony oraz zainstalowany WIndows 7. Po zainstalowaniu sterowników od płyty przyszedł czas na sterowniki GPU. Wybrałem wersję 258.96 dla 64-bitowego W7 jakiego zainstalowałem. Po ponownym uruchomieniu komputera nie minęło 4 minuty jak przywitała mnie zwiecha systemu zgaśnięcie monitora oraz restart... potem zamiast załadowania systemu przywitał mnie piękny kolorowy ekran pełen barwnych nieustających w ruchu artefaktów. Kółka kwadraty trójkąty paski kropki co tylko byście chcieli. Restart i zwiecha i tak w kółko. Pod odinstalowaniu sterowników w trybie awaryjnym kolejny problem. O ile na Viście dało się normalnie funkcjonować to na W7 już nie próba włączenia filmu z dysku skutkowała zawieszeniem systemu z charakterystycznym urwanym dźwiękiem.... teraz testuję pamięć RAM 1 kość po 4 godzinach Memtesta okazała się sprawna , druga zapewne nie będzie gorsza. Dysk sprawny (skanowałem HDTune) zero badów i innych nieprawidłowości. Zasilacz daje żelazne napięcia. CO nam pozostało? MOBO i GRAFIKA bo bios na czas instalacji przywróciłem do standardowych wartości. Nie wiem co mam robić. Sformatuję dysk raz jeszcze na nowo wgrywając W7 i zostaje mi oddanie grafiki na gwarancję. Nie mam już pomysłu skoro sterowniki sypią wszystko na 2 systemach i sprawdzałem 4 wersje sterowników to chyba wina leży po stronie fizycznej karty. Nic pozostaje nadzieja że to właśnie tu tkwi problem. Ewentualnie wyślę jeszcze na gwarancję MOBO.

Dżakub
komentarz
komentarz

Może spróbuj XP 32bit zainstalować (przy włożonych tylko dwóch kościach) i zainstaluj jakieś starsze stery.

Pozdrawiam i liczę że komputer "wyzdrowieje".

Dracoo
komentarz
komentarz

Nawet jak by działał normalnie na XP to jakaś porażka grać na takim w sprzęcie na DX9.. Więc zastanów się troche co radzisz..

Ale faktycznie najprawdopodobniej grafika się wysypała..

Gość
komentarz
komentarz

Idzie na serwis razem z płytą a co z tego wyniknie? Nie omieszkam napisać :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.