Igorrodz utworzono 14 maja 2012 utworzono 14 maja 2012 (edytowane) Elo, Grałem sobie dzisiaj spokojnie w [b]Sniper Elite V2[/b] aż tu nagle pojawia mi się następujący komunikat: "System Windows musi być uruchomiony ponownie, ponieważ usługa Program uruchamiający proces serwera DCOM została nieoczekiwanie przerwana" po czym (po około minucie) nastąpił restart peceta. [url="http://obrazki.elektroda.net/64_1337025242.jpg"][img]http://obrazki.elektroda.net/64_1337025242_thumb.jpg[/img][/url] Nadmienić muszę, że wczoraj grając w tą samą grę również pojawił mi się niespodziewany komunikat (jednak innej treści), mniej więcej taki: "System Windows musi być uruchomiony ponownie ponieważ usługa zasilanie została nieoczekiwanie przerwana" po czym nastąpił restart systemu. Tu nie zdążyłem zrobić screena bo zanim się zorientowałem restart właśnie nastąpił. Konfiguracja mojego peceta: Phenom II x3 720 Black Edition @3.4Ghz + Scythe Ninja 2 Gigabyte GA-990XA-UD3 SpecTek Incorporated 2x 2GB DDR3 1333Mhz Gigabyte GTX460 1GB SuperOverclocked Corsair TX650W v.1 Lancool K62 Black Oto Logi z OTL - [b]OTL.txt[/b] [log]OTL logfile created on: 2012-05-14 22:06:10 - Run 2 OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\Rodziewicz\Desktop\Foldery\OTL 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 40,58% Memory free 7,99 Gb Paging File | 5,17 Gb Available in Paging File | 64,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 89,38 Gb Free Space | 38,38% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 7,26 Gb Free Space | 12,38% Space Free | Partition Type: NTFS Drive E: | 58,59 Gb Total Space | 27,84 Gb Free Space | 47,51% Space Free | Partition Type: NTFS Drive F: | 31,85 Gb Total Space | 17,00 Gb Free Space | 53,38% Space Free | Partition Type: NTFS Drive G: | 341,79 Gb Total Space | 291,08 Gb Free Space | 85,16% Space Free | Partition Type: NTFS Drive H: | 341,79 Gb Total Space | 70,35 Gb Free Space | 20,58% Space Free | Partition Type: NTFS Drive I: | 247,92 Gb Total Space | 165,05 Gb Free Space | 66,58% Space Free | Partition Type: NTFS Drive J: | 232,88 Gb Total Space | 226,21 Gb Free Space | 97,14% Space Free | Partition Type: NTFS Drive K: | 1,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOMOWY | User Name: Rodziewicz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-05-03 10:55:14 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-05-03 10:55:14 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2012-04-23 22:45:16 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Rodziewicz\Desktop\Foldery\OTL\OTL.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-02-29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-02-07 17:19:44 | 003,865,504 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2012-02-07 17:18:30 | 000,166,528 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2012-02-07 17:18:28 | 001,185,704 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2012-02-07 17:18:24 | 001,181,104 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-11-24 22:36:29 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2011-11-06 23:04:38 | 000,531,456 | ---- | M] (Irfan Skiljan) -- C:\Program Files (x86)\IrfanView\i_view32.exe PRC - [2011-10-31 21:32:54 | 000,540,872 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2010-04-07 15:00:04 | 005,758,976 | ---- | M] ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) -- C:\Program Files (x86)\eMule\emule.exe PRC - [2009-08-20 14:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe PRC - [2009-06-03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009-04-16 00:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe PRC - [2009-04-15 16:56:30 | 000,271,760 | R--- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-05-09 16:49:13 | 000,041,696 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051400\uiext.dll MOD - [2012-05-04 22:58:48 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll MOD - [2012-05-03 10:55:15 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll MOD - [2012-05-03 10:55:14 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-05-03 10:55:14 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe MOD - [2012-05-03 10:55:14 | 000,838,584 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll MOD - [2012-05-03 10:55:14 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll MOD - [2012-05-03 10:55:14 | 000,371,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll MOD - [2012-05-03 10:55:14 | 000,269,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll MOD - [2012-05-03 10:55:14 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll MOD - [2012-05-03 10:55:14 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll MOD - [2012-05-03 10:55:14 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll MOD - [2012-05-03 10:55:14 | 000,109,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll MOD - [2012-05-03 10:55:14 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll MOD - [2012-05-03 10:55:14 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll MOD - [2012-05-03 10:55:14 | 000,043,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll MOD - [2012-05-03 10:55:14 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll MOD - [2012-05-03 10:55:14 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll MOD - [2012-05-03 10:55:14 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll MOD - [2012-05-03 10:55:14 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe MOD - [2012-05-03 10:55:14 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll MOD - [2012-05-03 10:55:13 | 015,743,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll MOD - [2012-05-02 19:51:53 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MOD - [2012-04-23 22:45:16 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Rodziewicz\Desktop\Foldery\OTL\OTL.exe MOD - [2012-04-21 21:36:03 | 000,321,320 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\crashhandler.dll MOD - [2012-04-21 21:35:59 | 006,641,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steamclient.dll MOD - [2012-04-21 21:35:59 | 000,444,200 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\vstdlib_s.dll MOD - [2012-04-21 21:35:59 | 000,272,168 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\tier0_s.dll MOD - [2012-04-21 21:35:59 | 000,122,864 | ---- | M] (Valve) -- C:\Program Files (x86)\Steam\CSERHelper.dll MOD - [2012-04-21 21:35:52 | 000,669,480 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\vgui2_s.DLL MOD - [2012-04-21 21:35:51 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012-04-21 21:35:51 | 001,910,568 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamservice.dll MOD - [2012-04-21 21:35:51 | 001,726,248 | ---- | M] (Valve Corporation) -- c:\program files (x86)\steam\bin\serverbrowser.dll MOD - [2012-04-21 21:35:48 | 009,955,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Steam\bin\icudt.dll MOD - [2012-04-21 21:35:46 | 002,316,072 | ---- | M] (Valve Corporation) -- c:\program files (x86)\steam\bin\friendsui.dll MOD - [2012-04-21 21:35:46 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2012-04-21 21:35:46 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2012-04-21 21:35:46 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012-04-21 21:35:46 | 000,173,864 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\filesystem_steam.DLL MOD - [2012-04-21 21:35:46 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll MOD - [2012-04-21 21:35:45 | 003,970,856 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\SteamUI.dll MOD - [2012-04-21 21:35:45 | 002,975,056 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.dll MOD - [2012-04-21 21:35:45 | 001,039,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Steam\DbgHelp.dll MOD - [2012-04-21 06:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-04 15:56:38 | 002,165,320 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll MOD - [2012-04-04 15:56:38 | 000,476,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll MOD - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2012-03-03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll MOD - [2012-03-01 02:02:00 | 007,713,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll MOD - [2012-03-01 02:02:00 | 002,301,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll MOD - [2012-02-29 14:26:48 | 000,154,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll MOD - [2012-02-29 14:26:42 | 000,691,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll MOD - [2012-02-29 14:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-02-23 18:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll MOD - [2012-02-07 17:19:44 | 003,865,504 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe MOD - [2012-02-07 17:17:54 | 002,421,160 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll MOD - [2012-02-07 17:17:30 | 003,637,248 | ---- | M] (Project JEDI) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-01-02 01:32:55 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-01-02 01:32:53 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-01-02 01:32:53 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-01-02 01:32:04 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2012-01-02 01:32:04 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-24 22:36:29 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-11-06 23:04:39 | 000,029,184 | ---- | M] (-) -- C:\Program Files (x86)\IrfanView\Plugins\ANSI2UNICODE.DLL MOD - [2011-11-06 23:04:38 | 000,531,456 | ---- | M] (Irfan Skiljan) -- C:\Program Files (x86)\IrfanView\i_view32.exe MOD - [2011-10-31 21:32:54 | 000,540,872 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe MOD - [2011-10-31 21:32:54 | 000,070,344 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files (x86)\Ad Muncher v4.91\AM32-32700.dll MOD - [2011-10-31 17:37:18 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll MOD - [2011-10-05 12:53:06 | 000,576,000 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\ggsip.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\networkdao.dll MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-04-20 11:39:12 | 000,565,827 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-04-13 17:48:41 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-04-13 17:46:19 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll MOD - [2011-04-13 17:46:19 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll MOD - [2011-03-09 17:49:27 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011-03-09 17:49:16 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] ([url="http://hunspell.sourceforge.net/"]http://hunspell.sourceforge.net/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\libhunspell.dll MOD - [2011-02-17 11:00:44 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Gadu-Gadu 10\dbghelp.dll MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\libcurl.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\LIBEAY32.dll MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\SSLEAY32.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2010-11-21 05:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-21 05:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2010-11-21 05:25:11 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll MOD - [2010-11-21 05:25:10 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL MOD - [2010-11-21 05:25:10 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll MOD - [2010-11-21 05:25:10 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll MOD - [2010-11-21 05:25:10 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll MOD - [2010-11-21 05:24:51 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll MOD - [2010-11-21 05:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-21 05:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-21 05:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-21 05:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-21 05:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-21 05:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll MOD - [2010-11-21 05:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2010-11-21 05:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-21 05:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-21 05:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-21 05:24:20 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll MOD - [2010-11-21 05:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-21 05:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-21 05:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-21 05:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-21 05:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-21 05:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-21 05:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-21 05:24:15 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll MOD - [2010-11-21 05:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-21 05:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-21 05:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-21 05:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-21 05:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-21 05:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-21 05:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-21 05:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-21 05:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-21 05:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2010-11-21 05:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-21 05:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-21 05:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-21 05:24:08 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll MOD - [2010-11-21 05:24:08 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll MOD - [2010-11-21 05:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-21 05:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll MOD - [2010-11-21 05:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-21 05:24:03 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2010-11-21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-11-21 05:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-21 05:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll MOD - [2010-11-21 05:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-21 05:24:01 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2010-11-21 05:24:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll MOD - [2010-11-21 05:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-21 05:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-21 05:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-21 05:24:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll MOD - [2010-11-21 05:23:59 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-21 05:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-21 05:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-21 05:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-21 05:23:54 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll MOD - [2010-11-21 05:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-21 05:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-21 05:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-21 05:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-21 05:23:51 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\asycfilt.dll MOD - [2010-11-21 05:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-21 05:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-21 05:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-21 05:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-21 05:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-03 22:55:00 | 002,457,088 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl MOD - [2010-11-03 22:55:00 | 002,150,400 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl MOD - [2010-11-03 22:55:00 | 000,321,024 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\vclimg150.bpl MOD - [2010-11-03 22:55:00 | 000,235,520 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\vclx150.bpl MOD - [2010-04-07 15:01:26 | 000,102,400 | ---- | M] ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) -- C:\Program Files (x86)\eMule\lang\pl_PL.dll MOD - [2010-04-07 15:00:04 | 005,758,976 | ---- | M] ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) -- C:\Program Files (x86)\eMule\emule.exe MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 03:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PhotoMetadataHandler.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfos.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netbios.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll MOD - [2009-07-14 03:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll MOD - [2009-07-14 03:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fundisc.dll MOD - [2009-07-14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009-07-14 03:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fdProxy.dll MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\es.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll MOD - [2009-07-14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-07-14 03:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll MOD - [2009-06-03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009-06-03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009-06-03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe MOD - [2009-04-16 00:52:20 | 000,075,048 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\CLRCEngine3.dll MOD - [2009-04-16 00:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe MOD - [2006-12-26 15:18:26 | 000,353,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll MOD - [2006-12-26 15:18:22 | 000,509,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2011-12-26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-05-04 22:58:49 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-03 10:55:15 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-21 21:35:51 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-07 15:09:00 | 000,030,592 | ---- | M] (REALiX™) [Kernel | System | Running] -- C:\Program Files\HWiNFO64\HWiNFO64A.SYS -- (HWiNFO32) DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-05-11 18:23:10 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-05-11 18:23:10 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:[b]64bit:[/b] - [2011-03-07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:[b]64bit:[/b] - [2011-01-13 13:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-11-21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-11-09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-05-19 20:44:00 | 001,137,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV - [2011-11-28 10:42:58 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2011-10-31 16:25:30 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2002-01-12 17:30:34 | 000,003,567 | ---- | M] (Beyond Logic [url="http://www.beyondlogic.org"]http://www.beyondlogic.org[/url]) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&form=SPLBR1&pc=SPLH"]http://www.bing.com/...=SPLBR1&pc=SPLH[/url] IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\..\SearchScopes\{BD9AB335-39C5-41c3-A47A-FAFB929F1057}: "URL" = [url="http://uk.search.yahoo.com/search?p=%7BsearchTerms%7D&fr=chr-devicevm&type=IEBDSV"]http://uk.search.yah...evm&type=IEBDSV[/url] IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\..\SearchScopes\{E2462FB2-6E9E-47ce-8A57-8693D8274191}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url] IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:9666 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher v4.91\FirefoxExtension_2.0 [2011-10-31 21:32:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-29 16:02:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-03 10:55:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher v4.91\FirefoxExtension_2.0 [2011-10-31 21:32:54 | 000,000,000 | ---D | M] [2011-12-16 17:03:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rodziewicz\AppData\Roaming\mozilla\Extensions [2012-05-07 21:48:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rodziewicz\AppData\Roaming\mozilla\Firefox\Profiles\fc7csxn5.default\extensions [2012-04-16 19:39:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rodziewicz\AppData\Roaming\mozilla\Firefox\Profiles\fc7csxn5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-05-03 10:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011-10-31 21:32:54 | 000,000,000 | ---D | M] (Ad Muncher Browser Extensions) -- C:\PROGRAM FILES (X86)\AD MUNCHER V4.91\FIREFOXEXTENSION_2.0 [2012-03-29 16:02:05 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF () (No name found) -- C:\USERS\RODZIEWICZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FC7CSXN5.DEFAULT\EXTENSIONS\{4DC70064-89E2-4A55-8FC6-E8CDEAE3618C}.XPI () (No name found) -- C:\USERS\RODZIEWICZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FC7CSXN5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\RODZIEWICZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FC7CSXN5.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI [2012-05-03 10:55:15 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-02-21 18:36:02 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-21 18:36:02 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-21 18:36:02 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-21 18:36:02 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-21 18:36:02 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-21 18:36:02 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - Extension: Spybot - Search & Destroy = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmcccagmbagkpbdgpammblejlmiempb\2.0.7.20106_0\ CHR - Extension: YouTube = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: AdBlock = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\ CHR - Extension: avast! WebRep = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Gmail = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-05-09 16:22:54 | 000,883,758 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15210 more lines... O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe (Murray Hurps Corp Pty Ltd) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) O4 - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000..\Run: [Odkurzacz-MCD] C:\Program Files (x86)\Odkurzacz\odk_mcd.exe (Franmo Software) O4 - HKU\S-1-5-21-1955565246-2597569832-3964930277-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Block frame with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_frame"]http://www.admuncher...d=menu_ie_frame[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Block image with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_image"]http://www.admuncher...d=menu_ie_image[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Block link with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_link"]http://www.admuncher...id=menu_ie_link[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Don't filter page with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_exclude"]http://www.admuncher...menu_ie_exclude[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Report page to the Ad Muncher developers - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_report"]http://www.admuncher...=menu_ie_report[/url] File not found O8 - Extra context menu item: Block frame with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_frame"]http://www.admuncher...d=menu_ie_frame[/url] File not found O8 - Extra context menu item: Block image with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_image"]http://www.admuncher...d=menu_ie_image[/url] File not found O8 - Extra context menu item: Block link with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_link"]http://www.admuncher...id=menu_ie_link[/url] File not found O8 - Extra context menu item: Don't filter page with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_exclude"]http://www.admuncher...menu_ie_exclude[/url] File not found O8 - Extra context menu item: Report page to the Ad Muncher developers - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_report"]http://www.admuncher...=menu_ie_report[/url] File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F3DDA35-2874-4E97-9ED5-544FBB86E730}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F3DDA35-2874-4E97-9ED5-544FBB86E730}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{270B206B-1CA6-456B-8427-008727D3246A}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\ipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-04-16 16:26:07 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - Unable to obtain root file information for disk H:\ O32 - AutoRun File - [2012-03-27 13:30:14 | 000,000,143 | R--- | M] () - K:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{25dd2a4c-03c1-11e1-8ba1-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{25dd2a4c-03c1-11e1-8ba1-806e6f6e6963}\Shell\AutoRun\command - "" = K:\setup.exe -- [2012-03-27 12:16:34 | 000,971,335 | R--- | M] (1C Company. ) O33 - MountPoints2\{25dd2a4c-03c1-11e1-8ba1-806e6f6e6963}\Shell\install\command - "" = K:\setup.exe -- [2012-03-27 12:16:34 | 000,971,335 | R--- | M] (1C Company. ) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-05-13 14:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag [2012-05-13 14:00:36 | 001,363,968 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe [2012-05-13 14:00:36 | 000,289,792 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe [2012-05-13 14:00:36 | 000,284,672 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe [2012-05-13 14:00:36 | 000,253,952 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll [2012-05-13 14:00:36 | 000,130,048 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe [2012-05-13 14:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag [2012-05-11 18:41:01 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Local\SniperV2 [2012-05-11 17:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 [2012-05-11 17:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO64 [2012-05-03 23:08:19 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Local\SniperV2 Demo [2012-05-03 22:26:29 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012-05-03 10:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-05-03 10:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-04-24 18:58:08 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 12:57:50 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\Documents\Diablo III [2012-04-21 12:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-04-20 19:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta [2012-04-20 19:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III Beta [2012-04-20 19:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012-04-20 19:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-04-19 22:31:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012-04-19 17:50:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-04-19 17:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-04-16 19:41:54 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\Desktop\Skróty [2012-04-16 19:39:34 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\Desktop\Foldery [2012-04-15 01:02:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2012-04-15 01:02:29 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2012-04-15 01:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2012-04-08 13:36:04 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\ParetoLogic [2012-04-08 13:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic [2012-04-02 18:12:03 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\FreeStone Group [2012-04-02 18:12:00 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Card Stability Test [2012-04-02 18:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Card Stability Test [2012-03-30 15:34:32 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\SpeedyPC Software [2012-03-30 15:34:32 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\DriverCure [2012-03-30 15:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software [2012-03-30 15:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegistryNuke 2012 [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-05-14 22:09:11 | 006,291,456 | -HS- | M] () -- C:\Users\Rodziewicz\NTUSER.DAT [2012-05-14 21:57:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-14 21:49:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-14 21:44:51 | 000,045,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-14 21:44:51 | 000,045,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-14 21:36:44 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-14 21:36:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-05-14 21:36:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-14 21:36:09 | 3219,152,896 | -HS- | M] () -- C:\hiberfil.sys [2012-05-14 21:34:52 | 000,000,139 | ---- | M] () -- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Traffic.ini [2012-05-14 21:34:43 | 005,801,242 | -H-- | M] () -- C:\Users\Rodziewicz\AppData\Local\IconCache.db [2012-05-14 21:34:33 | 000,306,533 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\błąd_0001.jpg [2012-05-14 00:19:09 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-14 00:19:09 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-14 00:19:09 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-14 00:19:09 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-14 00:19:09 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-14 00:13:18 | 002,697,942 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\video-2012-05-14-00-12-48.mp4 [2012-05-13 23:51:06 | 000,007,609 | ---- | M] () -- C:\Users\Rodziewicz\AppData\Local\resmon.resmoncfg [2012-05-13 11:53:02 | 000,292,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-11 17:14:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-05-11 16:46:01 | 000,000,221 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\Sniper Elite V2.url [2012-05-09 16:22:54 | 000,883,758 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2012-05-09 16:07:19 | 000,883,758 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120509-162254.backup [2012-04-25 00:30:51 | 000,883,758 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120509-160719.backup [2012-04-25 00:30:22 | 000,883,758 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120425-003051.backup [2012-04-24 18:58:20 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120425-003022.backup [2012-04-20 19:06:54 | 000,001,270 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk [2012-04-19 22:31:28 | 000,001,347 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\Men of War. Condemned Heroes.lnk [2012-04-08 13:42:01 | 000,001,362 | ---- | M] () -- C:\Users\Rodziewicz\Documents\cc_20120408_134157.reg [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-14 21:34:33 | 000,306,533 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\błąd_0001.jpg [2012-05-14 00:17:14 | 002,697,942 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\video-2012-05-14-00-12-48.mp4 [2012-05-11 16:46:01 | 000,000,221 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\Sniper Elite V2.url [2012-04-20 19:06:34 | 000,001,270 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk [2012-04-19 22:31:28 | 000,001,347 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\Men of War. Condemned Heroes.lnk [2012-04-15 01:02:35 | 000,002,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2012-04-08 13:41:59 | 000,001,362 | ---- | C] () -- C:\Users\Rodziewicz\Documents\cc_20120408_134157.reg [2012-03-30 10:37:45 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-03-11 20:02:26 | 000,000,191 | ---- | C] () -- C:\ProgramData\Spybot - Search & Destroyation.ination.ini [2012-03-08 18:46:20 | 000,007,609 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Local\resmon.resmoncfg [2012-03-05 09:25:54 | 000,000,620 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Settings.ini [2012-03-03 22:42:35 | 000,000,139 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Traffic.ini [2012-02-29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-01-21 22:02:45 | 000,000,000 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Local\{812F9B85-3B53-4CEA-9BD8-5A5D1424DB29} [2011-11-29 21:59:07 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2011-11-29 21:59:07 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2011-11-29 21:59:07 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2011-11-29 21:54:49 | 000,018,560 | ---- | C] () -- C:\Windows\DIIUnin.dat [2011-11-17 09:17:00 | 000,000,416 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011-11-15 21:56:15 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011-11-12 00:57:51 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-11-12 00:57:40 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-11-12 00:57:40 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-11-12 00:57:40 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-10-31 18:48:08 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{4e05d663-03cf-11e1-a769-50e549528c17}.TMContainer00000000000000000002.regtrans-ms [2011-10-31 18:48:08 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{4e05d663-03cf-11e1-a769-50e549528c17}.TMContainer00000000000000000001.regtrans-ms [2011-10-31 18:48:08 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{4e05d663-03cf-11e1-a769-50e549528c17}.TM.blf [2011-10-31 18:05:23 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2011-10-31 18:05:22 | 000,000,035 | ---- | C] () -- C:\Windows\vbaddin.ini [2011-10-31 17:38:22 | 000,000,272 | ---- | C] () -- C:\Windows\lgfwup.ini [2011-10-31 17:28:04 | 000,062,312 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Local\GDIPFONTCACHEV1.DAT [2011-10-31 17:09:18 | 000,397,312 | R--- | C] () -- C:\Windows\SysWow64\zshp1020.exe [2011-10-31 17:09:18 | 000,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1020.dll [2011-10-31 16:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-10-31 16:22:41 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2011-10-31 16:12:43 | 005,801,242 | -H-- | C] () -- C:\Users\Rodziewicz\AppData\Local\IconCache.db [2011-10-31 16:11:33 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{b1d372d4-03c2-11e1-9fbb-e5eb622576c2}.TMContainer00000000000000000002.regtrans-ms [2011-10-31 16:11:33 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{b1d372d4-03c2-11e1-9fbb-e5eb622576c2}.TMContainer00000000000000000001.regtrans-ms [2011-10-31 16:11:33 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat [2011-10-31 16:11:33 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{b1d372d4-03c2-11e1-9fbb-e5eb622576c2}.TM.blf [2011-10-31 16:09:07 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [color=#E56717]========== LOP Check ==========[/color] [2011-11-20 14:44:47 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\BinarySense [2012-03-11 17:13:23 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\DAEMON Tools Lite [2012-03-30 15:34:32 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\DriverCure [2012-03-15 14:06:17 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Folding@home-x86 [2012-04-02 18:12:03 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\FreeStone Group [2011-11-19 23:03:29 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Gadu-Gadu [2011-12-28 01:42:23 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Gadu-Gadu 10 [2011-12-18 18:08:32 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\ImgBurn [2011-11-06 23:04:39 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\IrfanView [2011-11-19 23:09:16 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Nowe Gadu-Gadu [2011-10-31 21:07:12 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Opera [2011-11-10 21:36:21 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Origin [2012-04-08 13:36:04 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\ParetoLogic [2012-03-30 15:34:32 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\SpeedyPC Software [2011-11-06 23:51:45 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Splashtop [2012-02-26 17:25:41 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\The Creative Assembly [2011-11-19 18:41:51 | 000,000,000 | ---D | M] -- C:\Users\Rodziewicz\AppData\Roaming\Wildfire [2012-01-21 13:39:05 | 000,032,520 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-10-31 16:19:47 | 000,000,156 | ---- | M] () -- C:\csb.log [2012-05-14 21:36:09 | 3219,152,896 | -HS- | M] () -- C:\hiberfil.sys [2011-10-31 16:15:53 | 000,000,189 | ---- | M] () -- C:\Install.log [2011-11-08 21:28:11 | 000,034,677 | ---- | M] () -- C:\M1319.log [2012-05-14 21:36:09 | 4292,206,592 | -HS- | M] () -- C:\pagefile.sys [2011-10-31 16:12:42 | 000,003,192 | ---- | M] () -- C:\RHDSetup.log [2011-11-28 23:20:42 | 000,935,006 | ---- | M] () -- C:\service.log [2012-01-19 22:29:59 | 000,133,958 | ---- | M] () -- C:\shared.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010-11-21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2012-04-04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < End of report > [/log] [b]Extras.txt[/b] [log]OTL Extras logfile created on: 2012-05-14 22:06:10 - Run 2 OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\Rodziewicz\Desktop\Foldery\OTL 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 40,58% Memory free 7,99 Gb Paging File | 5,17 Gb Available in Paging File | 64,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 89,38 Gb Free Space | 38,38% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 7,26 Gb Free Space | 12,38% Space Free | Partition Type: NTFS Drive E: | 58,59 Gb Total Space | 27,84 Gb Free Space | 47,51% Space Free | Partition Type: NTFS Drive F: | 31,85 Gb Total Space | 17,00 Gb Free Space | 53,38% Space Free | Partition Type: NTFS Drive G: | 341,79 Gb Total Space | 291,08 Gb Free Space | 85,16% Space Free | Partition Type: NTFS Drive H: | 341,79 Gb Total Space | 70,35 Gb Free Space | 20,58% Space Free | Partition Type: NTFS Drive I: | 247,92 Gb Total Space | 165,05 Gb Free Space | 66,58% Space Free | Partition Type: NTFS Drive J: | 232,88 Gb Total Space | 226,21 Gb Free Space | 97,14% Space Free | Partition Type: NTFS Drive K: | 1,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOMOWY | User Name: Rodziewicz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-1955565246-2597569832-3964930277-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [[ Odkurz tutaj ]] -- C:\Program Files (x86)\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [[ Odkurz tutaj ]] -- C:\Program Files (x86)\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518) "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.58 "CPUID HWMonitor_is1" = CPUID HWMonitor 1.18 "Defraggler" = Defraggler "HWiNFO64_is1" = HWiNFO64 Version 3.95 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "Puran Defrag Free Edition_is1" = Puran Defrag Free Edition 7.3 "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}" = Men of War "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0427.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie "{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}" = Folding@home-x86 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1" = Sunrise Seven 1.2.61 "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2 "{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}" = inSSIDer "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C49F8E1C-0BAE-4836-A670-AE76BA32BE90}" = ChomikBox "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1 "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E8BED654-3833-48DE-A802-7757CF920871}" = Men of War: Wietnam "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3F5B440-0ACB-4F72-842D-E8DEC4236FFC}_is1" = Men of War: Condemned Heroes (Remove Only) "Ad Muncher" = Ad Muncher v4.92 Build 32700 "avast" = avast! Free Antivirus "CrystalDiskInfo_is1" = CrystalDiskInfo 4.3.0 "Diablo II" = Diablo II "Diablo III Beta" = Diablo III Beta "eMule" = eMule "ESN Sonar-0.70.4" = ESN Sonar "Fraps" = Fraps "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "HD Tune_is1" = HD Tune 2.55 "HP-LaserJet 1020 series" = LaserJet 1020 series "ImgBurn" = ImgBurn "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0427.1 "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1 "InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "IrfanView" = IrfanView (remove only) "Kalendarz XP" = Kalendarz XP v29.85 "KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400 "Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OCCT" = OCCT 4.1.1 "Odkurzacz 12.6_is1" = Odkurzacz 12.6 "Opera 11.64.1403" = Opera 11.64 "Origin" = Origin "SpeedFan" = SpeedFan (remove only) "Steam App 10500" = Empire: Total War "Steam App 10540" = Football Manager 2009 "Steam App 42680" = Call of Duty: Modern Warfare 3 "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server "Steam App 550" = Left 4 Dead 2 "Steam App 55370" = Saints Row: The Third - Initiation Station "Steam App 63380" = Sniper Elite V2 "UltraISO_is1" = UltraISO Premium V9.51 "Video Card Stability Test" = Video Card Stability Test [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1955565246-2597569832-3964930277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Diablo II" = Diablo II [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-05-13 13:06:24 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-13 13:06:30 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-13 13:06:31 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-13 13:06:32 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-13 13:06:33 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-13 13:07:45 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-13 13:07:46 | Computer Name = Domowy | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2012-05-14 11:02:34 | Computer Name = Domowy | Source = WinMgmt | ID = 10 Description = Error - 2012-05-14 15:34:05 | Computer Name = Domowy | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: svchost.exe_PlugPlay, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc3c1 Nazwa modułu powodującego błąd: RPCRT4.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7c96e Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000026687 Identyfikator procesu powodującego błąd: 0x304 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd31e271637f8b Ścieżka aplikacji powodującej błąd: C:\Windows\system32\svchost.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\RPCRT4.dll Identyfikator raportu: c3d544f3-9dfb-11e1-8aaa-50e549528c17 Error - 2012-05-14 15:37:18 | Computer Name = Domowy | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = PNRPSvc | ID = 102 Description = Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = PNRPSvc | ID = 102 Description = Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-05-14 15:38:11 | Computer Name = Domowy | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-05-14 15:39:15 | Computer Name = Domowy | Source = Service Control Manager | ID = 7038 Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error - 2012-05-14 15:39:15 | Computer Name = Domowy | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 < End of report >[/log] A oto logi z RIST - [b]RIST.txt[/b] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Rodziewicz at 2012-05-14 22:08:56 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 92 GB (38%) free of 238 GB Total RAM: 4093 MB (47% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:09:07, on 2012-05-14 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Gadu-Gadu 10\gg.exe C:\Program Files (x86)\eMule\emule.exe C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\IrfanView\i_view32.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Rodziewicz\Desktop\Foldery\OTL\OTL.exe C:\Users\Rodziewicz\Desktop\DOWNLOAD\RSIT.exe C:\Program Files (x86)\trend micro\Rodziewicz.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ˙ţ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file) O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe" /bt O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files (x86)\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files (x86)\Odkurzacz\odk_mcd.exe O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Block frame with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_frame"]http://www.admuncher...d=menu_ie_frame[/url] O8 - Extra context menu item: Block image with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_image"]http://www.admuncher...d=menu_ie_image[/url] O8 - Extra context menu item: Block link with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_link"]http://www.admuncher...id=menu_ie_link[/url] O8 - Extra context menu item: Don't filter page with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_exclude"]http://www.admuncher...menu_ie_exclude[/url] O8 - Extra context menu item: Report page to the Ad Muncher developers - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_report"]http://www.admuncher...=menu_ie_report[/url] O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{1F3DDA35-2874-4E97-9ED5-544FBB86E730}: NameServer = 8.8.8.8,8.8.4.4 O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11935 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Rodziewicz\AppData\Roaming\Mozilla\Firefox\Profiles\fc7csxn5.default "{3ED591BC-7CC7-495B-A526-B2431356EDC1}"=C:\Program Files (x86)\Ad Muncher v4.91\FirefoxExtension_2.0 "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.2.202.235 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] "Description"=ESN Sonar browser plugin "Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0] "Description"= "Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\Rodziewicz\AppData\Roaming\Mozilla\Firefox\Profiles\fc7csxn5.default\extensions\ {b9db16a4-6edc-47ec-a1f4-b86292ed211d} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-19 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-19 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Ad Muncher"=C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe [2011-10-31 540872] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] "Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-02-07 3865504] "UpdatePSTShortCut"=C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-09-29 210216] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "RemoteControl8"=C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-16 91432] "PDVD8LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2009-04-16 50472] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584] "Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-11-24 1242448] "Gadu-Gadu 10"=C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [2011-07-04 13374048] "Odkurzacz-MCD"=C:\Program Files (x86)\Odkurzacz\odk_mcd.exe [2011-02-20 370688] "eMuleAutoStart"=C:\Program Files (x86)\eMule\emule.exe [2010-04-07 5758976] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon] SDWinLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=xvidvfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm "VIDC.FFDS"=ff_vfw.dll "VIDC.FPS1"=frapsvid.dll "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-05-14 22:08:57 ----D---- C:\Program Files (x86)\trend micro 2012-05-14 22:08:56 ----D---- C:\rsit 2012-05-09 16:19:51 ----A---- C:\Windows\SysWOW64\DWrite.dll 2012-05-09 16:19:48 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2012-05-09 16:19:47 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2012-05-03 10:55:20 ----D---- C:\ProgramData\Mozilla 2012-05-03 10:55:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2012-04-24 18:58:08 ----D---- C:\_OTL 2012-04-21 12:57:50 ----D---- C:\ProgramData\Blizzard Entertainment 2012-04-20 19:06:34 ----D---- C:\Program Files (x86)\Diablo III Beta 2012-04-20 19:06:34 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2012-04-20 19:04:53 ----D---- C:\ProgramData\Battle.net 2012-04-19 22:31:37 ----D---- C:\Windows\SysWOW64\directx 2012-04-19 17:50:53 ----D---- C:\Program Files (x86)\Common Files\Java 2012-04-19 17:50:13 ----A---- C:\Windows\SysWOW64\javaws.exe 2012-04-19 17:50:13 ----A---- C:\Windows\SysWOW64\javaw.exe 2012-04-19 17:50:13 ----A---- C:\Windows\SysWOW64\java.exe 2012-04-19 17:49:56 ----D---- C:\Program Files (x86)\Java 2012-04-15 01:02:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 ======List of files/folders modified in the last 1 month====== 2012-05-14 22:08:57 ----RD---- C:\Program Files (x86) 2012-05-14 22:08:55 ----D---- C:\Windows\Temp 2012-05-14 21:36:48 ----D---- C:\Program Files (x86)\Steam 2012-05-14 21:36:13 ----D---- C:\ProgramData\NVIDIA 2012-05-14 21:34:52 ----A---- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Traffic.ini 2012-05-14 00:19:09 ----D---- C:\Windows\System32 2012-05-14 00:19:09 ----D---- C:\Windows\inf 2012-05-13 19:07:57 ----D---- C:\Windows\Microsoft.NET 2012-05-13 19:07:46 ----RSD---- C:\Windows\assembly 2012-05-13 15:43:24 ----SHD---- C:\System Volume Information 2012-05-13 14:00:36 ----RD---- C:\Program Files 2012-05-13 11:54:28 ----D---- C:\Windows\Prefetch 2012-05-13 11:54:17 ----D---- C:\Windows\winsxs 2012-05-13 11:53:04 ----D---- C:\Windows 2012-05-12 23:46:10 ----D---- C:\Windows\SysWOW64 2012-05-12 13:15:31 ----D---- C:\Program Files (x86)\Opera 2012-05-06 02:35:52 ----D---- C:\Program Files (x86)\Kalendarz XP 2012-05-04 22:58:48 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-05-04 22:58:39 ----A---- C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2012-05-03 23:07:36 ----SHD---- C:\Windows\Installer 2012-05-03 17:17:49 ----D---- C:\Program Files (x86)\Common Files\Steam 2012-05-03 10:55:29 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-05-03 10:55:20 ----HD---- C:\ProgramData 2012-04-25 00:30:03 ----D---- C:\ProgramData\Spybot - Search & Destroy 2012-04-24 19:13:05 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2012-04-24 16:44:04 ----D---- C:\Fraps 2012-04-20 19:06:53 ----D---- C:\Program Files (x86)\Common Files 2012-04-19 22:36:54 ----D---- C:\Program Files (x86)\1C Company 2012-04-19 19:41:01 ----D---- C:\Windows\Tasks 2012-04-19 17:50:36 ----D---- C:\Program Files (x86)\Origin 2012-04-19 17:49:58 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2012-04-19 17:48:49 ----D---- C:\Program Files (x86)\Hewlett-Packard 2012-04-18 22:24:21 ----D---- C:\Windows\pss 2012-04-15 01:02:35 ----SD---- C:\ProgramData\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files\HWiNFO64\HWiNFO64A.SYS [2012-02-07 30592] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 athr;TP-LINK Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] S2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [] S3 ALSysIO;ALSysIO; \??\C:\Users\RODZIE~1\AppData\Local\Temp\ALSysIO64.sys [] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-11-28 25640] S3 GPU-Z;GPU-Z; \??\C:\Users\RODZIE~1\AppData\Local\Temp\GPU-Z.sys [] S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-10-31 30528] S3 netr28ux;Sterownik karty RT2870 USB Wireless LAN Card dla systemu Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [] S3 PortTalk;PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [2002-01-12 3567] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-15 271760] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-02-07 1181104] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-02-07 1185704] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-02-07 166528] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31 136176] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-04-21 489256] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [] -----------------EOF-----------------[/log] [b]INFO.txt[/b] [log]info.txt logfile of random's system information tool 1.09 2012-05-14 22:09:09 ======Uninstall list====== @BIOS-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\Setup.exe" -l0x9 -removeonly -->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} Ad Muncher v4.92 Build 32700-->"C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe" /P "InstallerAction=Uninstall" /P "InstallTarget=C:\Program Files (x86)\Ad Muncher v4.91" Adobe Reader X (10.1.3) - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-AA1000000001} AutoGreen B10.1021.1-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C75FAD21-EC08-42F3-92D6-C9C0AB355345} avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging Call of Duty: Modern Warfare 3 - Dedicated Server-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42750 Call of Duty: Modern Warfare 3 - Multiplayer-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42690 Call of Duty: Modern Warfare 3-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42680 ChomikBox-->MsiExec.exe /I{C49F8E1C-0BAE-4836-A670-AE76BA32BE90} CrystalDiskInfo 4.3.0-->"C:\Program Files (x86)\CrystalDiskInfo\unins000.exe" Diablo II-->C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat Diablo III Beta-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III Beta\Uninstall.exe Easy Tune 6 B11.0427.1-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA} Empire: Total War-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10500 eMule-->"C:\Program Files (x86)\eMule\Uninstall.exe" ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\SETUP.EXE" -runfromtemp -l0x0409 -removeonly Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27} Folding@home-x86-->MsiExec.exe /I{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6} Football Manager 2009-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10540 Fraps-->"C:\Fraps\uninstall.exe" Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth Plug-in-->MsiExec.exe /X{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HD Tune 2.55-->"C:\Program Files (x86)\HD Tune\unins000.exe" ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe" inSSIDer-->MsiExec.exe /I{BF6379E6-9936-46B0-B6AC-C56EE3987D2E} IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe Java™ 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF} Kalendarz XP v29.85-->C:\Program Files (x86)\Kalendarz XP\uninstall.exe K-Lite Codec Pack 7.9.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" LaserJet 1020 series-->C:\Program Files (x86)\Zenographics\{14342D0B-FBDE-4981-9508-8E49A1BFCC55}\SETUP.EXE -u "HPLJInstaller.dll=Hplj1020.inf" Left 4 Dead 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/550 LG CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LG CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LG CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall LG CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall LG CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall LG CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall LG ODD Auto Oprogramowanie-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe" LG Power Tools-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall LG Power Tools-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C} Malwarebytes Anti-Malware wersja 1.61.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Men of War: Condemned Heroes (Remove Only)-->"C:\Program Files (x86)\1C Company\Men of War. Condemned Heroes\unins000.exe" Men of War: Wietnam-->"C:\Program Files (x86)\InstallShield Installation Information\{E8BED654-3833-48DE-A802-7757CF920871}\setup.exe" -runfromtemp -l0x0415 -removeonly Men of War-->"C:\Program Files (x86)\InstallShield Installation Information\{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}\setup.exe" -runfromtemp -l0x0015 -removeonly Microsoft Office 2000 Premium-->MsiExec.exe /I{00000415-78E1-11D2-B60F-006097C998E7} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Mozilla Firefox 12.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask OCCT 4.1.1-->C:\Program Files (x86)\OCCTPT\uninst.exe Odkurzacz 12.6-->"C:\Program Files (x86)\Odkurzacz\unins000.exe" Opera 11.64-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly Saints Row: The Third - Initiation Station-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/55370 Sniper Elite V2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/63380 SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe" Spybot - Search & Destroy 2-->"C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Sunrise Seven 1.2.61-->"C:\Program Files (x86)\Sunrise Seven\unins000.exe" The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0015 -removeonly UltraISO Premium V9.51-->"C:\Program Files (x86)\UltraISO\unins000.exe" Video Card Stability Test-->C:\Program Files (x86)\Video Card Stability Test\uninstall.exe ======Hosts File====== 127.0.0.1 localhost ::1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com ======System event log====== Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Distributed Link Tracking Client weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20101121035831.108772-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Desktop Window Manager Session Manager weszła w stan stopped. Record Number: 4 Source Name: Service Control Manager Time Written: 20101121035831.108772-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Power weszła w stan stopped. Record Number: 3 Source Name: Service Control Manager Time Written: 20101121035831.108772-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Windows Event Log weszła w stan stopped. Record Number: 2 Source Name: Service Control Manager Time Written: 20101121035831.093172-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Diagnostic Policy Service weszła w stan stopped. Record Number: 1 Source Name: Service Control Manager Time Written: 20101121035831.093172-000 Event Type: Informacje User: =====Application event log===== Computer Name: 37L4247F27-25 Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 5 Source Name: Microsoft-Windows-WMI Time Written: 20111031130727.000000-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20111031130724.000000-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 3 Source Name: Microsoft-Windows-EventSystem Time Written: 20111031130720.000000-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 1531 Message: Usługa profilów użytkowników została uruchomiona pomyślnie. Record Number: 2 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20111031130720.366511-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: 37L4247F27-25 Event Code: 1532 Message: Usługa profilów użytkowników została zatrzymana. Record Number: 1 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20101121035831.124372-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM =====Security event log===== Computer Name: Domowy Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 25141 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120126185008.806491-000 Event Type: Sukcesy inspekcji User: Computer Name: Domowy Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: DOMOWY$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x268 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 25140 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120126185008.806491-000 Event Type: Sukcesy inspekcji User: Computer Name: Domowy Event Code: 4634 Message: Użytkownik wylogował się z konta. Podmiot: Identyfikator zabezpieczeń: S-1-5-7 Nazwa konta: LOGOWANIE ANONIMOWE Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0xb600c Typ logowania: 3 To zdarzenie jest generowane w przypadku zniszczenia sesji logowania. Można je jednoznacznie skorelować ze zdarzeniem logowania przy użyciu wartości identyfikatora logowania. Identyfikatory logowania są unikatowe tylko między ponownymi rozruchami na tym samym komputerze. Record Number: 25139 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120126184818.589187-000 Event Type: Sukcesy inspekcji User: Computer Name: Domowy Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 3 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-7 Nazwa konta: LOGOWANIE ANONIMOWE Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0xb600c Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x0 Nazwa procesu: - Informacje o sieci: Nazwa stacji roboczej: RODZIEWICZ Adres źródłowy sieci: fe80::69b3:f161:d08a:181e Port źródłowy: 52864 Szczegółowe informacje o uwierzytelnianiu: Proces logowania: NtLmSsp Pakiet uwierzytelniania: NTLM Usługi przejściowe: - Nazwa pakietu (tylko NTLM): NTLM V1 Długość klucza: 128 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 25138 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120126184805.096416-000 Event Type: Sukcesy inspekcji User: Computer Name: Domowy Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 3 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-7 Nazwa konta: LOGOWANIE ANONIMOWE Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0xb43ec Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x0 Nazwa procesu: - Informacje o sieci: Nazwa stacji roboczej: RODZIEWICZ Adres źródłowy sieci: fe80::69b3:f161:d08a:181e Port źródłowy: 52835 Szczegółowe informacje o uwierzytelnianiu: Proces logowania: NtLmSsp Pakiet uwierzytelniania: NTLM Usługi przejściowe: - Nazwa pakietu (tylko NTLM): NTLM V1 Długość klucza: 128 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 25137 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120126184804.461379-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=3 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0402 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "windows_tracing_flags"=3 -----------------EOF-----------------[/log]
Gość komentarz 14 maja 2012 komentarz 14 maja 2012 Prosiłem żebyś odinstalowł Spaybota. Tak czy nie? To teraz zobacz co Twój ukochany program robi z plikiem hosts i połaczeniem internetowy (blokada DNS). Wywaliło usługę bo Spaybocik nie chce żebyś grał. Ale gadanie squonka, to tylko takie gadanie [code]O1 HOSTS File: ([2012-05-09 16:22:54 | 000,883,758 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com[/code] and [code][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)[/code] Start > uruchom > services.msc sprawdź uslugę [b]Program uruchamiający proces serwera DCOM[/b] powinno być stan Automatyczny/ Uruchomiono i t o samo dla usługi [b]Zdalne wywoływanie procedur RPC[/b] 1
Igorrodz komentarz 14 maja 2012 Autor komentarz 14 maja 2012 [quote name='radekx' timestamp='1337027564' post='1500905'] A wykluczyłeś infekcję? [/quote] Avast i Malwarebytes nic nie wykrywają. [quote name='squonk' timestamp='1337027809' post='1500912'] Prosiłem żebyś odinstalowł Spaybota. [/quote] Odinstalowane. [quote name='squonk' timestamp='1337027809' post='1500912'] powinno być stan Automatyczny/ Uruchomiono [/quote] Obie usługi tak właśnie są skonfigurowane.
Gość komentarz 14 maja 2012 komentarz 14 maja 2012 Przywróc plik hosts do domyslnej postaci. Uruchom OTL i w oknie Własne opcje skanowania skrypt wklej: [code]:Commands [resethosts] [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt.[/b] 1
Igorrodz komentarz 14 maja 2012 Autor komentarz 14 maja 2012 Done [log]All processes killed ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYFLASH] User: All Users User: Default User: Default User User: Public User: Rodziewicz ->Flash cache emptied: 4611 bytes User: UpdatusUser Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: Rodziewicz ->Temp folder emptied: 49603847 bytes ->Temporary Internet Files folder emptied: 466521 bytes ->Java cache emptied: 2012855 bytes ->FireFox cache emptied: 1141510740 bytes ->Google Chrome cache emptied: 13569331 bytes ->Opera cache emptied: 4650014 bytes ->Flash cache emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 18696 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes RecycleBin emptied: 46425928 bytes Total Files Cleaned = 1 200,00 mb OTL by OldTimer - Version 3.2.41.0 log created on 05142012_233231 Files\Folders moved on Reboot... C:\Users\Rodziewicz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log]
Gość komentarz 14 maja 2012 komentarz 14 maja 2012 Zobacz ile plików tymczasowych było na dysku [code]Total Files Cleaned = 1 200,00 mb[/code] Zwolniłem Ci 1,2 GB wolnego miejsca. Wisisz mi browarek. [quote] Nadmienić muszę, że wczoraj grając w tą samą grę również pojawił mi się niespodziewany komunikat (jednak innej treści), mniej więcej taki: "System Windows musi być uruchomiony ponownie ponieważ usługa zasilanie została nieoczekiwanie przerwana" po czym nastąpił restart systemu. Tu nie zdążyłem zrobić screena bo zanim się zorientowałem restart właśnie nastąpił. [/quote] Masz odznaczone Automatyczne uruchamianie w Zaawansowanych opcjach systemu? 1
Igorrodz komentarz 14 maja 2012 Autor komentarz 14 maja 2012 [quote name='squonk' timestamp='1337031463' post='1500957'] Wisisz mi browarek. [/quote] Brackie Zamkowe bądź Mastne może być? [spoiler][img]http://1.bp.blogspot.com/-hyarn1JIsfg/TVWdiyadXQI/AAAAAAAAApI/3dpaqNNAQ9U/s1600/Brackie+Mastne.jpg[/img][/spoiler] [quote name='squonk' timestamp='1337031463' post='1500957'] Masz odznaczone Automatyczne uruchamianie w Zaawansowanych opcjach systemu? [/quote] Teraz już tak
Gość komentarz 15 maja 2012 komentarz 15 maja 2012 Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej: [code]:Files C:\Windows\SysNative\drivers\etc\hosts.20120509-162254.backup C:\Windows\SysNative\drivers\etc\hosts.20120509-160719.backup C:\Windows\SysNative\drivers\etc\hosts.20120425-003051.backup C:\Windows\SysNative\drivers\etc\hosts.20120425-003022.backup :OTL O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. :Commands [reboot][/code] Kliknij w [b]Wykonaj skrypt[/b]. 2. Odinstaluj RSIT 3.Zrób nowy skan z OTL i przedstaw raport. Tylko nie wklejaj juz żadnych skryptów. OTL ma lecieć na ustawieniach domyślnych. 1
Igorrodz komentarz 15 maja 2012 Autor komentarz 15 maja 2012 Po wykonaniu skryptu podanego przez Ciebie na pulpicie pokazały mi się dotychczas ukryte ikony - desktop.ini (2 szt). Dziwne Oto log z OTL (na ustawieniach domyślnych - kliknąłem w [b]Skanuj [/b]zaraz po uruchomieniu programu - program nie wygenerował logu EXTRAS) - [log]OTL logfile created on: 2012-05-15 17:26:44 - Run 3 OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\Rodziewicz\Desktop\Foldery\OTL 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 45,81% Memory free 7,99 Gb Paging File | 5,55 Gb Available in Paging File | 69,39% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 90,04 Gb Free Space | 38,66% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 7,26 Gb Free Space | 12,38% Space Free | Partition Type: NTFS Drive E: | 58,59 Gb Total Space | 27,84 Gb Free Space | 47,51% Space Free | Partition Type: NTFS Drive F: | 31,85 Gb Total Space | 17,00 Gb Free Space | 53,38% Space Free | Partition Type: NTFS Drive G: | 341,79 Gb Total Space | 291,08 Gb Free Space | 85,16% Space Free | Partition Type: NTFS Drive H: | 341,79 Gb Total Space | 70,35 Gb Free Space | 20,58% Space Free | Partition Type: NTFS Drive I: | 247,92 Gb Total Space | 165,05 Gb Free Space | 66,58% Space Free | Partition Type: NTFS Drive J: | 232,88 Gb Total Space | 226,21 Gb Free Space | 97,14% Space Free | Partition Type: NTFS Drive K: | 1,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOMOWY | User Name: Rodziewicz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-03 10:55:14 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-04-23 22:45:16 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Rodziewicz\Desktop\Foldery\OTL\OTL.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-02-29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-11-24 22:36:29 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2011-10-31 21:32:54 | 000,540,872 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2010-04-07 15:00:04 | 005,758,976 | ---- | M] ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) -- C:\Program Files (x86)\eMule\emule.exe PRC - [2009-06-03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009-04-16 00:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-05-04 22:58:48 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll MOD - [2012-05-03 10:55:14 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-04-21 21:35:51 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012-04-21 21:35:46 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2012-04-21 21:35:46 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2012-04-21 21:35:46 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012-04-21 21:35:46 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll MOD - [2012-02-29 14:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2009-06-03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009-06-03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2011-12-26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-05-04 22:58:49 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-03 10:55:15 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-21 21:35:51 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-07 15:09:00 | 000,030,592 | ---- | M] (REALiX™) [Kernel | System | Running] -- C:\Program Files\HWiNFO64\HWiNFO64A.SYS -- (HWiNFO32) DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-05-11 18:23:10 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-05-11 18:23:10 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:[b]64bit:[/b] - [2011-03-07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:[b]64bit:[/b] - [2011-01-13 13:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-11-21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-11-09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-05-19 20:44:00 | 001,137,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV - [2011-11-28 10:42:58 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2011-10-31 16:25:30 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2002-01-12 17:30:34 | 000,003,567 | ---- | M] (Beyond Logic [url="http://www.beyondlogic.org"]http://www.beyondlogic.org[/url]) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&form=SPLBR1&pc=SPLH"]http://www.bing.com/...=SPLBR1&pc=SPLH[/url] IE - HKCU\..\SearchScopes\{BD9AB335-39C5-41c3-A47A-FAFB929F1057}: "URL" = [url="http://uk.search.yahoo.com/search?p=%7BsearchTerms%7D&fr=chr-devicevm&type=IEBDSV"]http://uk.search.yah...evm&type=IEBDSV[/url] IE - HKCU\..\SearchScopes\{E2462FB2-6E9E-47ce-8A57-8693D8274191}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:9666 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher v4.91\FirefoxExtension_2.0 [2011-10-31 21:32:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-29 16:02:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-03 10:55:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher v4.91\FirefoxExtension_2.0 [2011-10-31 21:32:54 | 000,000,000 | ---D | M] [2011-12-16 17:03:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rodziewicz\AppData\Roaming\mozilla\Extensions [2012-05-07 21:48:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rodziewicz\AppData\Roaming\mozilla\Firefox\Profiles\fc7csxn5.default\extensions [2012-04-16 19:39:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rodziewicz\AppData\Roaming\mozilla\Firefox\Profiles\fc7csxn5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-05-03 10:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011-10-31 21:32:54 | 000,000,000 | ---D | M] (Ad Muncher Browser Extensions) -- C:\PROGRAM FILES (X86)\AD MUNCHER V4.91\FIREFOXEXTENSION_2.0 [2012-03-29 16:02:05 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF () (No name found) -- C:\USERS\RODZIEWICZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FC7CSXN5.DEFAULT\EXTENSIONS\{4DC70064-89E2-4A55-8FC6-E8CDEAE3618C}.XPI () (No name found) -- C:\USERS\RODZIEWICZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FC7CSXN5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\RODZIEWICZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FC7CSXN5.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI [2012-05-03 10:55:15 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-02-21 18:36:02 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-21 18:36:02 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-21 18:36:02 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-21 18:36:02 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-21 18:36:02 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-21 18:36:02 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - Extension: YouTube = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: AdBlock = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\ CHR - Extension: avast! WebRep = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Gmail = C:\Users\Rodziewicz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-05-14 23:32:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher v4.91\AdMunch.exe (Murray Hurps Corp Pty Ltd) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [Odkurzacz-MCD] C:\Program Files (x86)\Odkurzacz\odk_mcd.exe (Franmo Software) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Block frame with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_frame"]http://www.admuncher...d=menu_ie_frame[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Block image with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_image"]http://www.admuncher...d=menu_ie_image[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Block link with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_link"]http://www.admuncher...id=menu_ie_link[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Don't filter page with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_exclude"]http://www.admuncher...menu_ie_exclude[/url] File not found O8:[b]64bit:[/b] - Extra context menu item: Report page to the Ad Muncher developers - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_report"]http://www.admuncher...=menu_ie_report[/url] File not found O8 - Extra context menu item: Block frame with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_frame"]http://www.admuncher...d=menu_ie_frame[/url] File not found O8 - Extra context menu item: Block image with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_image"]http://www.admuncher...d=menu_ie_image[/url] File not found O8 - Extra context menu item: Block link with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_link"]http://www.admuncher...id=menu_ie_link[/url] File not found O8 - Extra context menu item: Don't filter page with Ad Muncher - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_exclude"]http://www.admuncher...menu_ie_exclude[/url] File not found O8 - Extra context menu item: Report page to the Ad Muncher developers - [url="http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=6Y8HD341&id=menu_ie_report"]http://www.admuncher...=menu_ie_report[/url] File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F3DDA35-2874-4E97-9ED5-544FBB86E730}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F3DDA35-2874-4E97-9ED5-544FBB86E730}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{270B206B-1CA6-456B-8427-008727D3246A}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\ipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-04-16 16:26:07 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - Unable to obtain root file information for disk H:\ O32 - AutoRun File - [2012-03-27 13:30:14 | 000,000,143 | R--- | M] () - K:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{25dd2a4c-03c1-11e1-8ba1-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{25dd2a4c-03c1-11e1-8ba1-806e6f6e6963}\Shell\AutoRun\command - "" = K:\setup.exe -- [2012-03-27 12:16:34 | 000,971,335 | R--- | M] (1C Company. ) O33 - MountPoints2\{25dd2a4c-03c1-11e1-8ba1-806e6f6e6963}\Shell\install\command - "" = K:\setup.exe -- [2012-03-27 12:16:34 | 000,971,335 | R--- | M] (1C Company. ) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-05-14 22:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012-05-14 22:08:56 | 000,000,000 | ---D | C] -- C:\rsit [2012-05-13 14:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag [2012-05-13 14:00:36 | 001,363,968 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe [2012-05-13 14:00:36 | 000,289,792 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe [2012-05-13 14:00:36 | 000,284,672 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe [2012-05-13 14:00:36 | 000,253,952 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll [2012-05-13 14:00:36 | 000,130,048 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe [2012-05-13 14:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag [2012-05-11 18:41:01 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Local\SniperV2 [2012-05-11 17:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 [2012-05-11 17:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO64 [2012-05-09 16:19:51 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012-05-09 16:19:49 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-05-09 16:19:48 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-05-09 16:19:47 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-05-03 23:08:19 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Local\SniperV2 Demo [2012-05-03 22:26:29 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012-05-03 10:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-05-03 10:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-04-24 18:58:08 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 12:57:50 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\Documents\Diablo III [2012-04-21 12:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-04-20 19:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta [2012-04-20 19:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III Beta [2012-04-20 19:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012-04-20 19:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-04-19 22:31:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012-04-19 17:50:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-04-19 17:50:13 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012-04-19 17:50:13 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012-04-19 17:50:13 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012-04-19 17:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-04-16 19:41:54 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\Desktop\Skróty [2012-04-16 19:39:34 | 000,000,000 | ---D | C] -- C:\Users\Rodziewicz\Desktop\Foldery [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-15 17:23:58 | 000,045,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-15 17:23:58 | 000,045,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-15 17:16:38 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-15 17:16:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-15 17:16:09 | 3219,152,896 | -HS- | M] () -- C:\hiberfil.sys [2012-05-15 17:14:46 | 000,000,139 | ---- | M] () -- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Traffic.ini [2012-05-15 16:57:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-15 16:49:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-14 23:32:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2012-05-14 21:34:33 | 000,306,533 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\błąd_0001.jpg [2012-05-14 00:19:09 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-14 00:19:09 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-14 00:19:09 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-14 00:19:09 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-14 00:19:09 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-14 00:13:18 | 002,697,942 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\video-2012-05-14-00-12-48.mp4 [2012-05-13 23:51:06 | 000,007,609 | ---- | M] () -- C:\Users\Rodziewicz\AppData\Local\resmon.resmoncfg [2012-05-13 11:53:02 | 000,292,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-11 17:14:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-05-11 16:46:01 | 000,000,221 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\Sniper Elite V2.url [2012-05-04 22:58:48 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-05-04 22:58:48 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-05-04 22:58:39 | 008,744,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-04-20 19:06:54 | 000,001,270 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk [2012-04-19 22:31:28 | 000,001,347 | ---- | M] () -- C:\Users\Rodziewicz\Desktop\Men of War. Condemned Heroes.lnk [2012-04-19 17:49:58 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012-04-19 17:49:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012-04-19 17:49:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012-04-19 17:49:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-14 21:34:33 | 000,306,533 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\błąd_0001.jpg [2012-05-14 00:17:14 | 002,697,942 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\video-2012-05-14-00-12-48.mp4 [2012-05-11 16:46:01 | 000,000,221 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\Sniper Elite V2.url [2012-04-20 19:06:34 | 000,001,270 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk [2012-04-19 22:31:28 | 000,001,347 | ---- | C] () -- C:\Users\Rodziewicz\Desktop\Men of War. Condemned Heroes.lnk [2012-03-11 20:02:26 | 000,000,191 | ---- | C] () -- C:\ProgramData\Spybot - Search & Destroyation.ination.ini [2012-03-08 18:46:20 | 000,007,609 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Local\resmon.resmoncfg [2012-03-05 09:25:54 | 000,000,620 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Settings.ini [2012-03-03 22:42:35 | 000,000,139 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Roaming\Network Monitor II_Traffic.ini [2012-02-29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-01-21 22:02:45 | 000,000,000 | ---- | C] () -- C:\Users\Rodziewicz\AppData\Local\{812F9B85-3B53-4CEA-9BD8-5A5D1424DB29} [2011-11-29 21:59:07 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2011-11-29 21:59:07 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2011-11-29 21:59:07 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2011-11-29 21:54:49 | 000,018,560 | ---- | C] () -- C:\Windows\DIIUnin.dat [2011-11-17 09:17:00 | 000,000,416 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011-11-15 21:56:15 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011-11-12 00:57:51 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-11-12 00:57:40 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-11-12 00:57:40 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-11-12 00:57:40 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-10-31 18:05:23 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2011-10-31 17:38:22 | 000,000,272 | ---- | C] () -- C:\Windows\lgfwup.ini [2011-10-31 17:09:18 | 000,397,312 | R--- | C] () -- C:\Windows\SysWow64\zshp1020.exe [2011-10-31 17:09:18 | 000,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1020.dll [2011-10-31 16:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-10-31 16:22:41 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2011-10-31 16:09:07 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini < End of report > [/log]
Gość komentarz 15 maja 2012 komentarz 15 maja 2012 [quote]Po wykonaniu skryptu podanego przez Ciebie na pulpicie pokazały mi się dotychczas ukryte ikony - desktop.ini (2 szt). Dziwne [/quote] OTL przestawia czasem opcje widoku. Pokazuje wtedy ukryte pliki systemowe. Przestaw sobie to recznie. Uruchom OTL i kliknij [b]Sprzatanie[/b]. Z mojej strony to wszystko. 1
Igorrodz komentarz 17 maja 2012 Autor komentarz 17 maja 2012 Dobra, wykonałem. Mam teraz nadzieję, że wszystko będzie działało ok.[quote name='Igorrodz' timestamp='1337025927' post='1500883'] Nadmienić muszę, że wczoraj grając w tą samą grę również pojawił mi się niespodziewany komunikat (jednak innej treści), mniej więcej taki: "System Windows musi być uruchomiony ponownie ponieważ usługa zasilanie została nieoczekiwanie przerwana" po czym nastąpił restart systemu. [/quote] Niestety, znowu grając w [b]Sniper Elite V2[/b] wyskoczył mi ten błąd. Nie wiem, jaka może być potencjalna jego przyczyna ale tak dzieję się tylko w tej grze więc obstawiam, że to z nią jest jakiś problem, co nie? Niemniej jak macie jakieś pomysły dla mnie to piszcie. Dodam, że patcha żadnego Rebelion jeszcze nie wydało.
radekx komentarz 17 maja 2012 komentarz 17 maja 2012 A może przeleć jednak jakims lepszym skanerem, np. tym [url="http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner"]http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner[/url] Oraz Combofixem 1
Igorrodz komentarz 17 maja 2012 Autor komentarz 17 maja 2012 Wolę nie bo: [quote]4. [b]Nie[/b] używaj programu ComboFix bez wyraźnego zalecenia.[/quote] A takiego zlecenia od osób polecanych w tym dziale nie otrzymałem. Co do ESET'a sprawdzę ale wątpię, że to coś da bo bo skanuję Avastem i Malwarebytes regularnie.
Gość komentarz 18 maja 2012 komentarz 18 maja 2012 [quote]A takiego zlecenia od osób polecanych w tym dziale nie otrzymałem.[/quote] Słusznie. [quote]Masz odznaczone Automatyczne uruchamianie w Zaawansowanych opcjach systemu? Teraz już tak [/quote] Skoro odznaczone, to jest folder zrzutu błedu i tu kłania się diagnostyka BSOD. [quote]Co do ESET'a sprawdzę ale wątpię, że to coś da bo bo skanuję Avastem i Malwarebytes regularnie. [/quote] Jeśli juz to ochrona Avasta może miec wpływ. Ale najpierw diagnostyka błedu. 1
Igorrodz komentarz 18 maja 2012 Autor komentarz 18 maja 2012 (edytowane) Tak, tylko nie pokazuje mi tego błędu jako BSOD, posiadam jedynie to, które nie jest chyba związane z ta grą: [log] Microsoft ® Windows Debugger Version 6.2.8229.0 AMD64 Copyright © Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Summary Dump File: Only kernel address space is available Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (3 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17803.amd64fre.win7sp1_gdr.120330-1504 Machine Name: Kernel base = 0xfffff800`0305d000 PsLoadedModuleList = 0xfffff800`032a1670 Debug session time: Tue May 15 18:22:04.112 2012 (UTC + 2:00) System Uptime: 0 days 0:07:29.751 Loading Kernel Symbols ............................................................... ................................................................ ............................... Loading User Symbols PEB is paged out (Peb.Ldr = 000007ff`fffd4018). Type ".hh dbgerr001" for details Loading unloaded module list .... TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\oca.ini, error 2 TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winxp\triage.ini, error 2 TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\user.ini, error 2 ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 101, {41, 0, fffff880009e9180, 1} Page 9854f not present in the dump file. Type ".hh dbgerr004" for details Page 9917e not present in the dump file. Type ".hh dbgerr004" for details Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2 Probably caused by : memory_corruption Followup: memory_corruption --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CLOCK_WATCHDOG_TIMEOUT (101) An expected clock interrupt was not received on a secondary processor in an MP system within the allocated interval. This indicates that the specified processor is hung and not processing interrupts. Arguments: Arg1: 0000000000000041, Clock interrupt time out interval in nominal clock ticks. Arg2: 0000000000000000, 0. Arg3: fffff880009e9180, The PRCB address of the hung processor. Arg4: 0000000000000001, 0. Debugging Details: ------------------ Page 9917e not present in the dump file. Type ".hh dbgerr004" for details Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2 BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_3_PROC DEFAULT_BUCKET_ID: CODE_CORRUPTION PROCESS_NAME: explorer.exe CURRENT_IRQL: d STACK_TEXT: fffff880`07be1e88 fffff800`03132f3a : 00000000`00000101 00000000`00000041 00000000`00000000 fffff880`009e9180 : nt!KeBugCheckEx fffff880`07be1e90 fffff800`030e5ce7 : 00000000`00000000 fffff800`00000001 00000000`00002710 fffff800`030df08a : nt! ?? ::FNODOBFM::`string'+0x4e2e fffff880`07be1f20 fffff800`0301e895 : fffff800`03044460 fffff880`07be20d0 fffff800`03044460 00000000`00000000 : nt!KeUpdateSystemTime+0x377 fffff880`07be2020 fffff800`030d8713 : 00000000`c4421ff5 fffff800`0324ee80 fffff800`0324ee80 00000000`00000000 : hal!HalpHpetClockInterrupt+0x8d fffff880`07be2050 fffff800`030e0ff0 : fffff800`0324ee80 fffff900`00000001 00000000`00000000 fffff880`07be22e8 : nt!KiInterruptDispatchNoLock+0x163 fffff880`07be21e0 fffff800`030fb951 : 00000000`00000000 00000000`00000002 00000000`00000001 00000000`00000111 : nt!KeFlushMultipleRangeTb+0x260 fffff880`07be22b0 fffff800`030fe398 : 00000000`00000002 fffff880`07be2400 fffff900`c01cc000 00000000`00000080 : nt!MiFlushTbAsNeeded+0x1d1 fffff880`07be23c0 fffff800`03204f86 : 00000000`00001b40 fffff880`038a1cc0 00000000`00000021 fffff800`00000028 : nt!MiAllocatePagedPoolPages+0x4cc fffff880`07be24e0 fffff800`030fc0b0 : 00000000`00001b40 fffff880`038a1cc0 00000000`00000021 fffff800`030e52d2 : nt!MiAllocatePoolPages+0x906 fffff880`07be2620 fffff800`0320790e : 00000000`00000000 00000000`00000000 fffff900`00000020 00000000`00001b40 : nt!ExpAllocateBigPool+0xb0 fffff880`07be2710 fffff960`000b3e55 : 00000000`00001165 00000000`00000000 00000000`00000000 fffff960`000c561d : nt!ExAllocatePoolWithTag+0x82e fffff880`07be2800 fffff960`000b5378 : 00000000`00000001 fffff880`07be2998 00000000`00000001 fffff960`000c584e : win32k!AllocateObject+0xdd fffff880`07be2840 fffff960`0008afa3 : fffff880`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!SURFMEM::bCreateDIB+0x1f8 fffff880`07be2930 fffff960`000a1f24 : 00000000`01010051 fffff900`c225a530 00000000`00000000 00000000`0000002c : win32k!GreCreateDIBitmapReal+0x533 fffff880`07be2a60 fffff960`000a3f22 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!InternalGetIconInfo+0x174 fffff880`07be2b50 fffff800`030db453 : fffffa80`06e7e600 00000000`035be498 fffff880`07be2c18 00000000`00000028 : win32k!NtUserGetIconInfo+0x182 fffff880`07be2c00 00000000`7727192a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`035be478 fffff800`030d3810 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7727192a fffff880`07be2e50 fffff880`07be2e78 : 00000000`00000000 fffff900`c060e010 00000000`00000000 00000000`00000202 : nt!KiCallUserMode fffff880`07be2e58 00000000`00000000 : fffff900`c060e010 00000000`00000000 00000000`00000202 fffff880`07be3860 : 0xfffff880`07be2e78 STACK_COMMAND: kb CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32k fffff96000037e94-fffff96000037e9b 8 bytes - win32k!GreSelectBrush+5c [ 90 90 90 90 90 90 90 90:4c cf 6c 03 80 f8 ff ff ] fffff9600003b684-fffff9600003b689 6 bytes - win32k!NtUserSwitchDesktop (+0x37f0) [ 48 89 5c 24 08 57:ff 25 ce 62 0a 00 ] fffff960000700bc-fffff960000700c3 8 bytes - win32k!CreateDesktopHeap+104 (+0x34a38) [ 90 90 90 90 90 90 90 90:d8 d3 6c 03 80 f8 ff ff ] fffff96000075aac-fffff96000075ab1 6 bytes - win32k!NtGdiOpenDCW (+0x59f0) [ 48 8b c4 48 89 58:ff 25 56 68 06 00 ] fffff9600007eeb8-fffff9600007eebf 8 bytes - win32k!NtGdiGetSystemPaletteUse (+0x940c) [ 90 90 90 90 90 90 90 90:e0 d7 6c 03 80 f8 ff ff ] fffff9600007f014-fffff9600007f017 4 bytes - win32k!NtUserSetWindowsHookEx (+0x15c) [ 48 89 5c 24:ff 25 66 ce ] fffff9600007f019 - win32k!NtUserSetWindowsHookEx+5 (+0x05) [ 48:00 ] fffff9600007f90c-fffff9600007f913 8 bytes - win32k!DestroyCacheDC+1d4 (+0x8f3) [ 90 90 90 90 90 90 90 90:d4 d4 6c 03 80 f8 ff ff ] fffff9600007ff78-fffff9600007ff7f 8 bytes - win32k!NtGdiPolyPolyDraw (+0x66c) [ 90 90 90 90 90 90 90 90:04 d7 6c 03 80 f8 ff ff ] fffff960000875c8-fffff960000875cd 6 bytes - win32k!NtGdiDeleteObjectApp (+0x7650) [ 48 89 5c 24 08 57:ff 25 8e 55 10 00 ] fffff96000089de8-fffff96000089def 8 bytes - win32k!bCaptureBitmapInfo+b8 (+0x2820) [ 90 90 90 90 90 90 90 90:40 d5 6c 03 80 f8 ff ff ] fffff960000950d8-fffff960000950df 8 bytes - win32k!NtUserThunkedMenuInfo+4 (+0xb2f0) [ 90 90 90 90 90 90 90 90:38 f5 6c 03 80 f8 ff ff ] fffff9600009d738-fffff9600009d73f 8 bytes - win32k!NtUserTrackMouseEvent (+0x8660) [ 90 90 90 90 90 90 90 90:78 ed 6c 03 80 f8 ff ff ] fffff960000a3f74-fffff960000a3f7b 8 bytes - win32k!NtUserGetIconInfo+1d4 (+0x683c) [ 90 90 90 90 90 90 90 90:a4 dd 6c 03 80 f8 ff ff ] fffff960000b28b8-fffff960000b28bf 8 bytes - win32k!UserGetAtomName+58 (+0xe944) [ 90 90 90 90 90 90 90 90:30 d3 6c 03 80 f8 ff ff ] fffff960000b74f4-fffff960000b74fb 8 bytes - win32k!PtiFromThreadId+dc (+0x4c3c) [ 90 90 90 90 90 90 90 90:c8 dd 6c 03 80 f8 ff ff ] fffff960000b7f30-fffff960000b7f35 6 bytes - win32k!NtGdiCreateCompatibleDC (+0xa3c) [ e9 ff fa ff ff 90:ff 25 02 58 fe ff ] fffff960000bacc8-fffff960000baccd 6 bytes - win32k!NtUserSystemParametersInfo (+0x2d98) [ 44 89 4c 24 20 4c:ff 25 4a 21 14 00 ] fffff960000d1a54-fffff960000d1a5b 8 bytes - win32k!ClearSendMessages+180 (+0x16d8c) [ 90 90 90 90 90 90 90 90:28 d6 6c 03 80 f8 ff ff ] Page 9917e not present in the dump file. Type ".hh dbgerr004" for details fffff960000d1a5d-fffff960000d1a61 5 bytes - win32k!NtUserDestroyWindow+1 (+0x09) [ f3 48 83 ec 20:25 5a e6 f9 ff ] fffff960000d7480-fffff960000d7485 6 bytes - win32k!NtUserOpenDesktop (+0x5a23) [ 48 89 5c 24 08 48:ff 25 26 d3 12 00 ] fffff960000d79d8-fffff960000d79df 8 bytes - win32k!NtUserDragObject+154 (+0x558) [ 90 90 90 90 90 90 90 90:ac f6 6c 03 80 f8 ff ff ] fffff960000d9578-fffff960000d957d 6 bytes - win32k!NtUserSetWinEventHook (+0x1ba0) [ 48 89 5c 24 08 48:ff 25 16 e9 f5 ff ] fffff960000d98ec-fffff960000d98f3 8 bytes - win32k!NtUserGetGUIThreadInfo+d8 (+0x374) [ 90 90 90 90 90 90 90 90:80 db 6c 03 80 f8 ff ff ] fffff960000da640-fffff960000da645 6 bytes - win32k!NtUserGetClipboardData (+0xd54) [ 48 89 5c 24 08 48:ff 25 72 48 fa ff ] fffff960000da9a8-fffff960000da9ad 6 bytes - win32k!NtUserAttachThreadInput (+0x368) [ 48 89 5c 24 08 48:ff 25 5a 69 00 00 ] fffff960000db2b0-fffff960000db2b5 6 bytes - win32k!NtUserCallHwndParamLock (+0x908) [ 48 89 5c 24 08 48:ff 25 02 76 fd ff ] fffff960000dba0c-fffff960000dba11 6 bytes - win32k!NtUserGetAsyncKeyState (+0x75c) [ 48 89 5c 24 08 48:ff 25 62 85 fc ff ] fffff960000dc308-fffff960000dc30f 8 bytes - win32k!NtUserGetPriorityClipboardFormat+b0 (+0x8fc) [ 90 90 90 90 90 90 90 90:b4 eb 6c 03 80 f8 ff ff ] fffff960000dcb88-fffff960000dcb8d 6 bytes - win32k!NtUserRegisterHotKey (+0x880) [ 48 8b c4 48 89 58:ff 25 8a 6b 0d 00 ] fffff960000dd0ac-fffff960000dd0b1 6 bytes - win32k!NtUserSetClipboardViewer (+0x524) [ 48 89 5c 24 08 57:ff 25 a2 49 ff ff ] fffff960000dd4f0-fffff960000dd4f5 6 bytes - win32k!NtUserSetSysColors (+0x444) [ 48 8b c4 48 89 58:ff 25 62 db 11 00 ] fffff960000de848-fffff960000de84f 8 bytes - win32k!NtUserGetDCEx+168 (+0x1358) [ 90 90 90 90 90 90 90 90:c4 ed 6c 03 80 f8 ff ff ] fffff960000defd4-fffff960000defdb 8 bytes - win32k!NtUserSetWindowRgnEx+1cc (+0x78c) [ 90 90 90 90 90 90 90 90:e0 f1 6c 03 80 f8 ff ff ] fffff960000e0774-fffff960000e0779 6 bytes - win32k!NtUserBuildNameList (+0x17a0) [ 48 89 5c 24 08 48:ff 25 72 91 ff ff ] fffff960000e0c94-fffff960000e0c99 6 bytes - win32k!NtUserSendInput (+0x520) [ 48 8b c4 48 89 58:ff 25 4e 91 fa ff ] fffff960000e0e00-fffff960000e0e05 6 bytes - win32k!NtUserBlockInput (+0x16c) [ 48 89 5c 24 08 48:ff 25 06 eb f9 ff ] fffff960000e1308-fffff960000e130f 8 bytes - win32k!NtUserGetClassInfoEx (+0x508) [ 90 90 90 90 90 90 90 90:ec dd 6c 03 80 f8 ff ff ] fffff960000e1958-fffff960000e195f 8 bytes - win32k!NtUserGetProp+7c (+0x650) [ 90 90 90 90 90 90 90 90:64 db 6c 03 80 f8 ff ff ] fffff960000e30c0-fffff960000e30c5 6 bytes - win32k!NtUserGetKeyboardState (+0x1768) [ 48 89 4c 24 08 53:ff 25 12 8b 11 00 ] fffff960000e323c-fffff960000e3241 6 bytes - win32k!NtUserGetKeyState (+0x17c) [ 48 89 5c 24 08 48:ff 25 b2 42 fd ff ] fffff960000e7d64-fffff960000e7d69 6 bytes - win32k!NtUserRegisterRawInputDevices (+0x4b28) [ 48 89 5c 24 10 56:ff 25 fa 50 11 00 ] Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details fffff960000e9718-fffff960000e971d 6 bytes - win32k!NtUserAddClipboardFormatListener (+0x19b4) [ 48 89 5c 24 08 48:ff 25 5a 68 f9 ff ] fffff9600018cb5c-fffff9600018cb63 8 bytes - win32k!NtGdiD3dValidateTextureStageState+c (+0xa3444) [ 90 90 90 90 90 90 90 90:18 ed 6c 03 80 f8 ff ff ] Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details fffff96000191098-fffff9600019109d 6 bytes - win32k!NtGdiAlphaBlend (+0x453c) [ 4c 8b dc 45 89 4b:ff 25 1e 5f 06 00 ] Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details fffff960001b3718-fffff960001b371f 8 bytes - win32k!GreGetRgnBox+4 (+0x22680) [ 90 90 90 90 90 90 90 90:18 df 6c 03 80 f8 ff ff ] fffff960001f6fbc-fffff960001f6fc3 8 bytes - win32k!XLATE::pfnXlateBetweenBitfields+60 (+0x438a4) [ 90 90 90 90 90 90 90 90:28 f8 6c 03 80 f8 ff ff ] fffff960001f76b8-fffff960001f76bd 6 bytes - win32k!NtGdiBitBltInternal (+0x6fc) [ 48 8b c4 48 89 58:ff 25 6a 35 00 00 ] fffff960001fac28-fffff960001fac2f 8 bytes - win32k!CaptureDriverInfo2W+318 (+0x3570) [ 90 90 90 90 90 90 90 90:08 ee 6c 03 80 f8 ff ff ] fffff960001fb058-fffff960001fb05f 8 bytes - win32k!NtGdiGetBitmapBits+d4 (+0x430) [ 90 90 90 90 90 90 90 90:94 d2 6c 03 80 f8 ff ff ] WARNING: !chkimg output was truncated to 50 lines. Invoke !chkimg without '-lo [num_lines]' to view entire output. Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details 404 errors : !win32k (fffff96000037e94-fffff9600020c3b5) MODULE_NAME: memory_corruption IMAGE_NAME: memory_corruption FOLLOWUP_NAME: memory_corruption DEBUG_FLR_IMAGE_TIMESTAMP: 0 MEMORY_CORRUPTOR: LARGE FAILURE_BUCKET_ID: X64_MEMORY_CORRUPTION_LARGE BUCKET_ID: X64_MEMORY_CORRUPTION_LARGE Followup: memory_corruption --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CLOCK_WATCHDOG_TIMEOUT (101) An expected clock interrupt was not received on a secondary processor in an MP system within the allocated interval. This indicates that the specified processor is hung and not processing interrupts. Arguments: Arg1: 0000000000000041, Clock interrupt time out interval in nominal clock ticks. Arg2: 0000000000000000, 0. Arg3: fffff880009e9180, The PRCB address of the hung processor. Arg4: 0000000000000001, 0. Debugging Details: ------------------ Page 9917e not present in the dump file. Type ".hh dbgerr004" for details Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2 BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_3_PROC DEFAULT_BUCKET_ID: CODE_CORRUPTION PROCESS_NAME: explorer.exe CURRENT_IRQL: d STACK_TEXT: fffff880`07be1e88 fffff800`03132f3a : 00000000`00000101 00000000`00000041 00000000`00000000 fffff880`009e9180 : nt!KeBugCheckEx fffff880`07be1e90 fffff800`030e5ce7 : 00000000`00000000 fffff800`00000001 00000000`00002710 fffff800`030df08a : nt! ?? ::FNODOBFM::`string'+0x4e2e fffff880`07be1f20 fffff800`0301e895 : fffff800`03044460 fffff880`07be20d0 fffff800`03044460 00000000`00000000 : nt!KeUpdateSystemTime+0x377 fffff880`07be2020 fffff800`030d8713 : 00000000`c4421ff5 fffff800`0324ee80 fffff800`0324ee80 00000000`00000000 : hal!HalpHpetClockInterrupt+0x8d fffff880`07be2050 fffff800`030e0ff0 : fffff800`0324ee80 fffff900`00000001 00000000`00000000 fffff880`07be22e8 : nt!KiInterruptDispatchNoLock+0x163 fffff880`07be21e0 fffff800`030fb951 : 00000000`00000000 00000000`00000002 00000000`00000001 00000000`00000111 : nt!KeFlushMultipleRangeTb+0x260 fffff880`07be22b0 fffff800`030fe398 : 00000000`00000002 fffff880`07be2400 fffff900`c01cc000 00000000`00000080 : nt!MiFlushTbAsNeeded+0x1d1 fffff880`07be23c0 fffff800`03204f86 : 00000000`00001b40 fffff880`038a1cc0 00000000`00000021 fffff800`00000028 : nt!MiAllocatePagedPoolPages+0x4cc fffff880`07be24e0 fffff800`030fc0b0 : 00000000`00001b40 fffff880`038a1cc0 00000000`00000021 fffff800`030e52d2 : nt!MiAllocatePoolPages+0x906 fffff880`07be2620 fffff800`0320790e : 00000000`00000000 00000000`00000000 fffff900`00000020 00000000`00001b40 : nt!ExpAllocateBigPool+0xb0 fffff880`07be2710 fffff960`000b3e55 : 00000000`00001165 00000000`00000000 00000000`00000000 fffff960`000c561d : nt!ExAllocatePoolWithTag+0x82e fffff880`07be2800 fffff960`000b5378 : 00000000`00000001 fffff880`07be2998 00000000`00000001 fffff960`000c584e : win32k!AllocateObject+0xdd fffff880`07be2840 fffff960`0008afa3 : fffff880`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!SURFMEM::bCreateDIB+0x1f8 fffff880`07be2930 fffff960`000a1f24 : 00000000`01010051 fffff900`c225a530 00000000`00000000 00000000`0000002c : win32k!GreCreateDIBitmapReal+0x533 fffff880`07be2a60 fffff960`000a3f22 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!InternalGetIconInfo+0x174 fffff880`07be2b50 fffff800`030db453 : fffffa80`06e7e600 00000000`035be498 fffff880`07be2c18 00000000`00000028 : win32k!NtUserGetIconInfo+0x182 fffff880`07be2c00 00000000`7727192a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`035be478 fffff800`030d3810 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7727192a fffff880`07be2e50 fffff880`07be2e78 : 00000000`00000000 fffff900`c060e010 00000000`00000000 00000000`00000202 : nt!KiCallUserMode fffff880`07be2e58 00000000`00000000 : fffff900`c060e010 00000000`00000000 00000000`00000202 fffff880`07be3860 : 0xfffff880`07be2e78 STACK_COMMAND: kb CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32k fffff96000037e94-fffff96000037e9b 8 bytes - win32k!GreSelectBrush+5c [ 90 90 90 90 90 90 90 90:4c cf 6c 03 80 f8 ff ff ] fffff9600003b684-fffff9600003b689 6 bytes - win32k!NtUserSwitchDesktop (+0x37f0) [ 48 89 5c 24 08 57:ff 25 ce 62 0a 00 ] fffff960000700bc-fffff960000700c3 8 bytes - win32k!CreateDesktopHeap+104 (+0x34a38) [ 90 90 90 90 90 90 90 90:d8 d3 6c 03 80 f8 ff ff ] fffff96000075aac-fffff96000075ab1 6 bytes - win32k!NtGdiOpenDCW (+0x59f0) [ 48 8b c4 48 89 58:ff 25 56 68 06 00 ] fffff9600007eeb8-fffff9600007eebf 8 bytes - win32k!NtGdiGetSystemPaletteUse (+0x940c) [ 90 90 90 90 90 90 90 90:e0 d7 6c 03 80 f8 ff ff ] fffff9600007f014-fffff9600007f017 4 bytes - win32k!NtUserSetWindowsHookEx (+0x15c) [ 48 89 5c 24:ff 25 66 ce ] fffff9600007f019 - win32k!NtUserSetWindowsHookEx+5 (+0x05) [ 48:00 ] fffff9600007f90c-fffff9600007f913 8 bytes - win32k!DestroyCacheDC+1d4 (+0x8f3) [ 90 90 90 90 90 90 90 90:d4 d4 6c 03 80 f8 ff ff ] fffff9600007ff78-fffff9600007ff7f 8 bytes - win32k!NtGdiPolyPolyDraw (+0x66c) [ 90 90 90 90 90 90 90 90:04 d7 6c 03 80 f8 ff ff ] fffff960000875c8-fffff960000875cd 6 bytes - win32k!NtGdiDeleteObjectApp (+0x7650) [ 48 89 5c 24 08 57:ff 25 8e 55 10 00 ] fffff96000089de8-fffff96000089def 8 bytes - win32k!bCaptureBitmapInfo+b8 (+0x2820) [ 90 90 90 90 90 90 90 90:40 d5 6c 03 80 f8 ff ff ] fffff960000950d8-fffff960000950df 8 bytes - win32k!NtUserThunkedMenuInfo+4 (+0xb2f0) [ 90 90 90 90 90 90 90 90:38 f5 6c 03 80 f8 ff ff ] fffff9600009d738-fffff9600009d73f 8 bytes - win32k!NtUserTrackMouseEvent (+0x8660) [ 90 90 90 90 90 90 90 90:78 ed 6c 03 80 f8 ff ff ] fffff960000a3f74-fffff960000a3f7b 8 bytes - win32k!NtUserGetIconInfo+1d4 (+0x683c) [ 90 90 90 90 90 90 90 90:a4 dd 6c 03 80 f8 ff ff ] fffff960000b28b8-fffff960000b28bf 8 bytes - win32k!UserGetAtomName+58 (+0xe944) [ 90 90 90 90 90 90 90 90:30 d3 6c 03 80 f8 ff ff ] fffff960000b74f4-fffff960000b74fb 8 bytes - win32k!PtiFromThreadId+dc (+0x4c3c) [ 90 90 90 90 90 90 90 90:c8 dd 6c 03 80 f8 ff ff ] fffff960000b7f30-fffff960000b7f35 6 bytes - win32k!NtGdiCreateCompatibleDC (+0xa3c) [ e9 ff fa ff ff 90:ff 25 02 58 fe ff ] fffff960000bacc8-fffff960000baccd 6 bytes - win32k!NtUserSystemParametersInfo (+0x2d98) [ 44 89 4c 24 20 4c:ff 25 4a 21 14 00 ] fffff960000d1a54-fffff960000d1a5b 8 bytes - win32k!ClearSendMessages+180 (+0x16d8c) [ 90 90 90 90 90 90 90 90:28 d6 6c 03 80 f8 ff ff ] Page 9917e not present in the dump file. Type ".hh dbgerr004" for details fffff960000d1a5d-fffff960000d1a61 5 bytes - win32k!NtUserDestroyWindow+1 (+0x09) [ f3 48 83 ec 20:25 5a e6 f9 ff ] fffff960000d7480-fffff960000d7485 6 bytes - win32k!NtUserOpenDesktop (+0x5a23) [ 48 89 5c 24 08 48:ff 25 26 d3 12 00 ] fffff960000d79d8-fffff960000d79df 8 bytes - win32k!NtUserDragObject+154 (+0x558) [ 90 90 90 90 90 90 90 90:ac f6 6c 03 80 f8 ff ff ] fffff960000d9578-fffff960000d957d 6 bytes - win32k!NtUserSetWinEventHook (+0x1ba0) [ 48 89 5c 24 08 48:ff 25 16 e9 f5 ff ] fffff960000d98ec-fffff960000d98f3 8 bytes - win32k!NtUserGetGUIThreadInfo+d8 (+0x374) [ 90 90 90 90 90 90 90 90:80 db 6c 03 80 f8 ff ff ] fffff960000da640-fffff960000da645 6 bytes - win32k!NtUserGetClipboardData (+0xd54) [ 48 89 5c 24 08 48:ff 25 72 48 fa ff ] fffff960000da9a8-fffff960000da9ad 6 bytes - win32k!NtUserAttachThreadInput (+0x368) [ 48 89 5c 24 08 48:ff 25 5a 69 00 00 ] fffff960000db2b0-fffff960000db2b5 6 bytes - win32k!NtUserCallHwndParamLock (+0x908) [ 48 89 5c 24 08 48:ff 25 02 76 fd ff ] fffff960000dba0c-fffff960000dba11 6 bytes - win32k!NtUserGetAsyncKeyState (+0x75c) [ 48 89 5c 24 08 48:ff 25 62 85 fc ff ] fffff960000dc308-fffff960000dc30f 8 bytes - win32k!NtUserGetPriorityClipboardFormat+b0 (+0x8fc) [ 90 90 90 90 90 90 90 90:b4 eb 6c 03 80 f8 ff ff ] fffff960000dcb88-fffff960000dcb8d 6 bytes - win32k!NtUserRegisterHotKey (+0x880) [ 48 8b c4 48 89 58:ff 25 8a 6b 0d 00 ] fffff960000dd0ac-fffff960000dd0b1 6 bytes - win32k!NtUserSetClipboardViewer (+0x524) [ 48 89 5c 24 08 57:ff 25 a2 49 ff ff ] fffff960000dd4f0-fffff960000dd4f5 6 bytes - win32k!NtUserSetSysColors (+0x444) [ 48 8b c4 48 89 58:ff 25 62 db 11 00 ] fffff960000de848-fffff960000de84f 8 bytes - win32k!NtUserGetDCEx+168 (+0x1358) [ 90 90 90 90 90 90 90 90:c4 ed 6c 03 80 f8 ff ff ] fffff960000defd4-fffff960000defdb 8 bytes - win32k!NtUserSetWindowRgnEx+1cc (+0x78c) [ 90 90 90 90 90 90 90 90:e0 f1 6c 03 80 f8 ff ff ] fffff960000e0774-fffff960000e0779 6 bytes - win32k!NtUserBuildNameList (+0x17a0) [ 48 89 5c 24 08 48:ff 25 72 91 ff ff ] fffff960000e0c94-fffff960000e0c99 6 bytes - win32k!NtUserSendInput (+0x520) [ 48 8b c4 48 89 58:ff 25 4e 91 fa ff ] fffff960000e0e00-fffff960000e0e05 6 bytes - win32k!NtUserBlockInput (+0x16c) [ 48 89 5c 24 08 48:ff 25 06 eb f9 ff ] fffff960000e1308-fffff960000e130f 8 bytes - win32k!NtUserGetClassInfoEx (+0x508) [ 90 90 90 90 90 90 90 90:ec dd 6c 03 80 f8 ff ff ] fffff960000e1958-fffff960000e195f 8 bytes - win32k!NtUserGetProp+7c (+0x650) [ 90 90 90 90 90 90 90 90:64 db 6c 03 80 f8 ff ff ] fffff960000e30c0-fffff960000e30c5 6 bytes - win32k!NtUserGetKeyboardState (+0x1768) [ 48 89 4c 24 08 53:ff 25 12 8b 11 00 ] fffff960000e323c-fffff960000e3241 6 bytes - win32k!NtUserGetKeyState (+0x17c) [ 48 89 5c 24 08 48:ff 25 b2 42 fd ff ] fffff960000e7d64-fffff960000e7d69 6 bytes - win32k!NtUserRegisterRawInputDevices (+0x4b28) [ 48 89 5c 24 10 56:ff 25 fa 50 11 00 ] Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details fffff960000e9718-fffff960000e971d 6 bytes - win32k!NtUserAddClipboardFormatListener (+0x19b4) [ 48 89 5c 24 08 48:ff 25 5a 68 f9 ff ] fffff9600018cb5c-fffff9600018cb63 8 bytes - win32k!NtGdiD3dValidateTextureStageState+c (+0xa3444) [ 90 90 90 90 90 90 90 90:18 ed 6c 03 80 f8 ff ff ] Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details fffff96000191098-fffff9600019109d 6 bytes - win32k!NtGdiAlphaBlend (+0x453c) [ 4c 8b dc 45 89 4b:ff 25 1e 5f 06 00 ] Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details fffff960001b3718-fffff960001b371f 8 bytes - win32k!GreGetRgnBox+4 (+0x22680) [ 90 90 90 90 90 90 90 90:18 df 6c 03 80 f8 ff ff ] fffff960001f6fbc-fffff960001f6fc3 8 bytes - win32k!XLATE::pfnXlateBetweenBitfields+60 (+0x438a4) [ 90 90 90 90 90 90 90 90:28 f8 6c 03 80 f8 ff ff ] fffff960001f76b8-fffff960001f76bd 6 bytes - win32k!NtGdiBitBltInternal (+0x6fc) [ 48 8b c4 48 89 58:ff 25 6a 35 00 00 ] fffff960001fac28-fffff960001fac2f 8 bytes - win32k!CaptureDriverInfo2W+318 (+0x3570) [ 90 90 90 90 90 90 90 90:08 ee 6c 03 80 f8 ff ff ] fffff960001fb058-fffff960001fb05f 8 bytes - win32k!NtGdiGetBitmapBits+d4 (+0x430) [ 90 90 90 90 90 90 90 90:94 d2 6c 03 80 f8 ff ff ] WARNING: !chkimg output was truncated to 50 lines. Invoke !chkimg without '-lo [num_lines]' to view entire output. Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details 404 errors : !win32k (fffff96000037e94-fffff9600020c3b5) MODULE_NAME: memory_corruption IMAGE_NAME: memory_corruption FOLLOWUP_NAME: memory_corruption DEBUG_FLR_IMAGE_TIMESTAMP: 0 MEMORY_CORRUPTOR: LARGE FAILURE_BUCKET_ID: X64_MEMORY_CORRUPTION_LARGE BUCKET_ID: X64_MEMORY_CORRUPTION_LARGE Followup: memory_corruption --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CLOCK_WATCHDOG_TIMEOUT (101) An expected clock interrupt was not received on a secondary processor in an MP system within the allocated interval. This indicates that the specified processor is hung and not processing interrupts. Arguments: Arg1: 0000000000000041, Clock interrupt time out interval in nominal clock ticks. Arg2: 0000000000000000, 0. Arg3: fffff880009e9180, The PRCB address of the hung processor. Arg4: 0000000000000001, 0. Debugging Details: ------------------ Page 9917e not present in the dump file. Type ".hh dbgerr004" for details Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2 BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_3_PROC DEFAULT_BUCKET_ID: CODE_CORRUPTION PROCESS_NAME: explorer.exe CURRENT_IRQL: d STACK_TEXT: fffff880`07be1e88 fffff800`03132f3a : 00000000`00000101 00000000`00000041 00000000`00000000 fffff880`009e9180 : nt!KeBugCheckEx fffff880`07be1e90 fffff800`030e5ce7 : 00000000`00000000 fffff800`00000001 00000000`00002710 fffff800`030df08a : nt! ?? ::FNODOBFM::`string'+0x4e2e fffff880`07be1f20 fffff800`0301e895 : fffff800`03044460 fffff880`07be20d0 fffff800`03044460 00000000`00000000 : nt!KeUpdateSystemTime+0x377 fffff880`07be2020 fffff800`030d8713 : 00000000`c4421ff5 fffff800`0324ee80 fffff800`0324ee80 00000000`00000000 : hal!HalpHpetClockInterrupt+0x8d fffff880`07be2050 fffff800`030e0ff0 : fffff800`0324ee80 fffff900`00000001 00000000`00000000 fffff880`07be22e8 : nt!KiInterruptDispatchNoLock+0x163 fffff880`07be21e0 fffff800`030fb951 : 00000000`00000000 00000000`00000002 00000000`00000001 00000000`00000111 : nt!KeFlushMultipleRangeTb+0x260 fffff880`07be22b0 fffff800`030fe398 : 00000000`00000002 fffff880`07be2400 fffff900`c01cc000 00000000`00000080 : nt!MiFlushTbAsNeeded+0x1d1 fffff880`07be23c0 fffff800`03204f86 : 00000000`00001b40 fffff880`038a1cc0 00000000`00000021 fffff800`00000028 : nt!MiAllocatePagedPoolPages+0x4cc fffff880`07be24e0 fffff800`030fc0b0 : 00000000`00001b40 fffff880`038a1cc0 00000000`00000021 fffff800`030e52d2 : nt!MiAllocatePoolPages+0x906 fffff880`07be2620 fffff800`0320790e : 00000000`00000000 00000000`00000000 fffff900`00000020 00000000`00001b40 : nt!ExpAllocateBigPool+0xb0 fffff880`07be2710 fffff960`000b3e55 : 00000000`00001165 00000000`00000000 00000000`00000000 fffff960`000c561d : nt!ExAllocatePoolWithTag+0x82e fffff880`07be2800 fffff960`000b5378 : 00000000`00000001 fffff880`07be2998 00000000`00000001 fffff960`000c584e : win32k!AllocateObject+0xdd fffff880`07be2840 fffff960`0008afa3 : fffff880`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!SURFMEM::bCreateDIB+0x1f8 fffff880`07be2930 fffff960`000a1f24 : 00000000`01010051 fffff900`c225a530 00000000`00000000 00000000`0000002c : win32k!GreCreateDIBitmapReal+0x533 fffff880`07be2a60 fffff960`000a3f22 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!InternalGetIconInfo+0x174 fffff880`07be2b50 fffff800`030db453 : fffffa80`06e7e600 00000000`035be498 fffff880`07be2c18 00000000`00000028 : win32k!NtUserGetIconInfo+0x182 fffff880`07be2c00 00000000`7727192a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`035be478 fffff800`030d3810 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7727192a fffff880`07be2e50 fffff880`07be2e78 : 00000000`00000000 fffff900`c060e010 00000000`00000000 00000000`00000202 : nt!KiCallUserMode fffff880`07be2e58 00000000`00000000 : fffff900`c060e010 00000000`00000000 00000000`00000202 fffff880`07be3860 : 0xfffff880`07be2e78 STACK_COMMAND: kb CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32k fffff96000037e94-fffff96000037e9b 8 bytes - win32k!GreSelectBrush+5c [ 90 90 90 90 90 90 90 90:4c cf 6c 03 80 f8 ff ff ] fffff9600003b684-fffff9600003b689 6 bytes - win32k!NtUserSwitchDesktop (+0x37f0) [ 48 89 5c 24 08 57:ff 25 ce 62 0a 00 ] fffff960000700bc-fffff960000700c3 8 bytes - win32k!CreateDesktopHeap+104 (+0x34a38) [ 90 90 90 90 90 90 90 90:d8 d3 6c 03 80 f8 ff ff ] fffff96000075aac-fffff96000075ab1 6 bytes - win32k!NtGdiOpenDCW (+0x59f0) [ 48 8b c4 48 89 58:ff 25 56 68 06 00 ] fffff9600007eeb8-fffff9600007eebf 8 bytes - win32k!NtGdiGetSystemPaletteUse (+0x940c) [ 90 90 90 90 90 90 90 90:e0 d7 6c 03 80 f8 ff ff ] fffff9600007f014-fffff9600007f017 4 bytes - win32k!NtUserSetWindowsHookEx (+0x15c) [ 48 89 5c 24:ff 25 66 ce ] fffff9600007f019 - win32k!NtUserSetWindowsHookEx+5 (+0x05) [ 48:00 ] fffff9600007f90c-fffff9600007f913 8 bytes - win32k!DestroyCacheDC+1d4 (+0x8f3) [ 90 90 90 90 90 90 90 90:d4 d4 6c 03 80 f8 ff ff ] fffff9600007ff78-fffff9600007ff7f 8 bytes - win32k!NtGdiPolyPolyDraw (+0x66c) [ 90 90 90 90 90 90 90 90:04 d7 6c 03 80 f8 ff ff ] fffff960000875c8-fffff960000875cd 6 bytes - win32k!NtGdiDeleteObjectApp (+0x7650) [ 48 89 5c 24 08 57:ff 25 8e 55 10 00 ] fffff96000089de8-fffff96000089def 8 bytes - win32k!bCaptureBitmapInfo+b8 (+0x2820) [ 90 90 90 90 90 90 90 90:40 d5 6c 03 80 f8 ff ff ] fffff960000950d8-fffff960000950df 8 bytes - win32k!NtUserThunkedMenuInfo+4 (+0xb2f0) [ 90 90 90 90 90 90 90 90:38 f5 6c 03 80 f8 ff ff ] fffff9600009d738-fffff9600009d73f 8 bytes - win32k!NtUserTrackMouseEvent (+0x8660) [ 90 90 90 90 90 90 90 90:78 ed 6c 03 80 f8 ff ff ] fffff960000a3f74-fffff960000a3f7b 8 bytes - win32k!NtUserGetIconInfo+1d4 (+0x683c) [ 90 90 90 90 90 90 90 90:a4 dd 6c 03 80 f8 ff ff ] fffff960000b28b8-fffff960000b28bf 8 bytes - win32k!UserGetAtomName+58 (+0xe944) [ 90 90 90 90 90 90 90 90:30 d3 6c 03 80 f8 ff ff ] fffff960000b74f4-fffff960000b74fb 8 bytes - win32k!PtiFromThreadId+dc (+0x4c3c) [ 90 90 90 90 90 90 90 90:c8 dd 6c 03 80 f8 ff ff ] fffff960000b7f30-fffff960000b7f35 6 bytes - win32k!NtGdiCreateCompatibleDC (+0xa3c) [ e9 ff fa ff ff 90:ff 25 02 58 fe ff ] fffff960000bacc8-fffff960000baccd 6 bytes - win32k!NtUserSystemParametersInfo (+0x2d98) [ 44 89 4c 24 20 4c:ff 25 4a 21 14 00 ] fffff960000d1a54-fffff960000d1a5b 8 bytes - win32k!ClearSendMessages+180 (+0x16d8c) [ 90 90 90 90 90 90 90 90:28 d6 6c 03 80 f8 ff ff ] Page 9917e not present in the dump file. Type ".hh dbgerr004" for details fffff960000d1a5d-fffff960000d1a61 5 bytes - win32k!NtUserDestroyWindow+1 (+0x09) [ f3 48 83 ec 20:25 5a e6 f9 ff ] fffff960000d7480-fffff960000d7485 6 bytes - win32k!NtUserOpenDesktop (+0x5a23) [ 48 89 5c 24 08 48:ff 25 26 d3 12 00 ] fffff960000d79d8-fffff960000d79df 8 bytes - win32k!NtUserDragObject+154 (+0x558) [ 90 90 90 90 90 90 90 90:ac f6 6c 03 80 f8 ff ff ] fffff960000d9578-fffff960000d957d 6 bytes - win32k!NtUserSetWinEventHook (+0x1ba0) [ 48 89 5c 24 08 48:ff 25 16 e9 f5 ff ] fffff960000d98ec-fffff960000d98f3 8 bytes - win32k!NtUserGetGUIThreadInfo+d8 (+0x374) [ 90 90 90 90 90 90 90 90:80 db 6c 03 80 f8 ff ff ] fffff960000da640-fffff960000da645 6 bytes - win32k!NtUserGetClipboardData (+0xd54) [ 48 89 5c 24 08 48:ff 25 72 48 fa ff ] fffff960000da9a8-fffff960000da9ad 6 bytes - win32k!NtUserAttachThreadInput (+0x368) [ 48 89 5c 24 08 48:ff 25 5a 69 00 00 ] fffff960000db2b0-fffff960000db2b5 6 bytes - win32k!NtUserCallHwndParamLock (+0x908) [ 48 89 5c 24 08 48:ff 25 02 76 fd ff ] fffff960000dba0c-fffff960000dba11 6 bytes - win32k!NtUserGetAsyncKeyState (+0x75c) [ 48 89 5c 24 08 48:ff 25 62 85 fc ff ] fffff960000dc308-fffff960000dc30f 8 bytes - win32k!NtUserGetPriorityClipboardFormat+b0 (+0x8fc) [ 90 90 90 90 90 90 90 90:b4 eb 6c 03 80 f8 ff ff ] fffff960000dcb88-fffff960000dcb8d 6 bytes - win32k!NtUserRegisterHotKey (+0x880) [ 48 8b c4 48 89 58:ff 25 8a 6b 0d 00 ] fffff960000dd0ac-fffff960000dd0b1 6 bytes - win32k!NtUserSetClipboardViewer (+0x524) [ 48 89 5c 24 08 57:ff 25 a2 49 ff ff ] fffff960000dd4f0-fffff960000dd4f5 6 bytes - win32k!NtUserSetSysColors (+0x444) [ 48 8b c4 48 89 58:ff 25 62 db 11 00 ] fffff960000de848-fffff960000de84f 8 bytes - win32k!NtUserGetDCEx+168 (+0x1358) [ 90 90 90 90 90 90 90 90:c4 ed 6c 03 80 f8 ff ff ] fffff960000defd4-fffff960000defdb 8 bytes - win32k!NtUserSetWindowRgnEx+1cc (+0x78c) [ 90 90 90 90 90 90 90 90:e0 f1 6c 03 80 f8 ff ff ] fffff960000e0774-fffff960000e0779 6 bytes - win32k!NtUserBuildNameList (+0x17a0) [ 48 89 5c 24 08 48:ff 25 72 91 ff ff ] fffff960000e0c94-fffff960000e0c99 6 bytes - win32k!NtUserSendInput (+0x520) [ 48 8b c4 48 89 58:ff 25 4e 91 fa ff ] fffff960000e0e00-fffff960000e0e05 6 bytes - win32k!NtUserBlockInput (+0x16c) [ 48 89 5c 24 08 48:ff 25 06 eb f9 ff ] fffff960000e1308-fffff960000e130f 8 bytes - win32k!NtUserGetClassInfoEx (+0x508) [ 90 90 90 90 90 90 90 90:ec dd 6c 03 80 f8 ff ff ] fffff960000e1958-fffff960000e195f 8 bytes - win32k!NtUserGetProp+7c (+0x650) [ 90 90 90 90 90 90 90 90:64 db 6c 03 80 f8 ff ff ] fffff960000e30c0-fffff960000e30c5 6 bytes - win32k!NtUserGetKeyboardState (+0x1768) [ 48 89 4c 24 08 53:ff 25 12 8b 11 00 ] fffff960000e323c-fffff960000e3241 6 bytes - win32k!NtUserGetKeyState (+0x17c) [ 48 89 5c 24 08 48:ff 25 b2 42 fd ff ] fffff960000e7d64-fffff960000e7d69 6 bytes - win32k!NtUserRegisterRawInputDevices (+0x4b28) [ 48 89 5c 24 10 56:ff 25 fa 50 11 00 ] Page 99199 not present in the dump file. Type ".hh dbgerr004" for details Page 99cb8 not present in the dump file. Type ".hh dbgerr004" for details Page 9a3bd not present in the dump file. Type ".hh dbgerr004" for details Page 99dbe not present in the dump file. Type ".hh dbgerr004" for details Page 991c5 not present in the dump file. Type ".hh dbgerr004" for details Page 98dcd not present in the dump file. Type ".hh dbgerr004" for details Page 999e6 not present in the dump file. Type ".hh dbgerr004" for details Page 997e7 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa06 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb08 not present in the dump file. Type ".hh dbgerr004" for details Page 6ff09 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0b not present in the dump file. Type ".hh dbgerr004" for details Page 6fd0c not present in the dump file. Type ".hh dbgerr004" for details Page 6fc0d not present in the dump file. Type ".hh dbgerr004" for details Page 7000e not present in the dump file. Type ".hh dbgerr004" for details Page 90825 not present in the dump file. Type ".hh dbgerr004" for details Page 8fe26 not present in the dump file. Type ".hh dbgerr004" for details Page 90a28 not present in the dump file. Type ".hh dbgerr004" for details Page 90e2e not present in the dump file. Type ".hh dbgerr004" for details Page 9062f not present in the dump file. Type ".hh dbgerr004" for details Page 90a30 not present in the dump file. Type ".hh dbgerr004" for details Page 91431 not present in the dump file. Type ".hh dbgerr004" for details Page 91632 not present in the dump file. Type ".hh dbgerr004" for details Page 91333 not present in the dump file. Type ".hh dbgerr004" for details fffff960000e9718-fffff960000e971d 6 bytes - win32k!NtUserAddClipboardFormatListener (+0x19b4) [ 48 89 5c 24 08 48:ff 25 5a 68 f9 ff ] fffff9600018cb5c-fffff9600018cb63 8 bytes - win32k!NtGdiD3dValidateTextureStageState+c (+0xa3444) [ 90 90 90 90 90 90 90 90:18 ed 6c 03 80 f8 ff ff ] Page 91d3e not present in the dump file. Type ".hh dbgerr004" for details Page 9243f not present in the dump file. Type ".hh dbgerr004" for details Page 97e42 not present in the dump file. Type ".hh dbgerr004" for details Page 97d43 not present in the dump file. Type ".hh dbgerr004" for details Page 98044 not present in the dump file. Type ".hh dbgerr004" for details Page 98548 not present in the dump file. Type ".hh dbgerr004" for details Page 98549 not present in the dump file. Type ".hh dbgerr004" for details Page 9894c not present in the dump file. Type ".hh dbgerr004" for details Page 9884d not present in the dump file. Type ".hh dbgerr004" for details Page 98a4e not present in the dump file. Type ".hh dbgerr004" for details Page 98757 not present in the dump file. Type ".hh dbgerr004" for details fffff96000191098-fffff9600019109d 6 bytes - win32k!NtGdiAlphaBlend (+0x453c) [ 4c 8b dc 45 89 4b:ff 25 1e 5f 06 00 ] Page 98b66 not present in the dump file. Type ".hh dbgerr004" for details Page 9916d not present in the dump file. Type ".hh dbgerr004" for details Page 9926e not present in the dump file. Type ".hh dbgerr004" for details Page 9958e not present in the dump file. Type ".hh dbgerr004" for details Page 98f8f not present in the dump file. Type ".hh dbgerr004" for details Page 98b95 not present in the dump file. Type ".hh dbgerr004" for details Page 99398 not present in the dump file. Type ".hh dbgerr004" for details Page 99099 not present in the dump file. Type ".hh dbgerr004" for details Page 9989b not present in the dump file. Type ".hh dbgerr004" for details fffff960001b3718-fffff960001b371f 8 bytes - win32k!GreGetRgnBox+4 (+0x22680) [ 90 90 90 90 90 90 90 90:18 df 6c 03 80 f8 ff ff ] fffff960001f6fbc-fffff960001f6fc3 8 bytes - win32k!XLATE::pfnXlateBetweenBitfields+60 (+0x438a4) [ 90 90 90 90 90 90 90 90:28 f8 6c 03 80 f8 ff ff ] fffff960001f76b8-fffff960001f76bd 6 bytes - win32k!NtGdiBitBltInternal (+0x6fc) [ 48 8b c4 48 89 58:ff 25 6a 35 00 00 ] fffff960001fac28-fffff960001fac2f 8 bytes - win32k!CaptureDriverInfo2W+318 (+0x3570) [ 90 90 90 90 90 90 90 90:08 ee 6c 03 80 f8 ff ff ] fffff960001fb058-fffff960001fb05f 8 bytes - win32k!NtGdiGetBitmapBits+d4 (+0x430) [ 90 90 90 90 90 90 90 90:94 d2 6c 03 80 f8 ff ff ] WARNING: !chkimg output was truncated to 50 lines. Invoke !chkimg without '-lo [num_lines]' to view entire output. Page 994ac not present in the dump file. Type ".hh dbgerr004" for details Page 99fba not present in the dump file. Type ".hh dbgerr004" for details Page 9a1bc not present in the dump file. Type ".hh dbgerr004" for details Page 9a2bd not present in the dump file. Type ".hh dbgerr004" for details Page 99cbe not present in the dump file. Type ".hh dbgerr004" for details Page 996bf not present in the dump file. Type ".hh dbgerr004" for details Page 995c0 not present in the dump file. Type ".hh dbgerr004" for details Page 996c1 not present in the dump file. Type ".hh dbgerr004" for details Page 992c2 not present in the dump file. Type ".hh dbgerr004" for details Page 993c3 not present in the dump file. Type ".hh dbgerr004" for details Page 996c4 not present in the dump file. Type ".hh dbgerr004" for details Page 990c5 not present in the dump file. Type ".hh dbgerr004" for details Page 996c7 not present in the dump file. Type ".hh dbgerr004" for details Page 991cb not present in the dump file. Type ".hh dbgerr004" for details Page 99cd9 not present in the dump file. Type ".hh dbgerr004" for details Page 99bda not present in the dump file. Type ".hh dbgerr004" for details Page 99bdb not present in the dump file. Type ".hh dbgerr004" for details Page 999dc not present in the dump file. Type ".hh dbgerr004" for details Page 999dd not present in the dump file. Type ".hh dbgerr004" for details Page 99bde not present in the dump file. Type ".hh dbgerr004" for details Page 997df not present in the dump file. Type ".hh dbgerr004" for details Page 99ced not present in the dump file. Type ".hh dbgerr004" for details Page 997ef not present in the dump file. Type ".hh dbgerr004" for details Page 994f0 not present in the dump file. Type ".hh dbgerr004" for details Page 999f1 not present in the dump file. Type ".hh dbgerr004" for details Page 99ef4 not present in the dump file. Type ".hh dbgerr004" for details Page 999f5 not present in the dump file. Type ".hh dbgerr004" for details Page 994f6 not present in the dump file. Type ".hh dbgerr004" for details Page 994f7 not present in the dump file. Type ".hh dbgerr004" for details Page 992f8 not present in the dump file. Type ".hh dbgerr004" for details Page 996f9 not present in the dump file. Type ".hh dbgerr004" for details Page 996fa not present in the dump file. Type ".hh dbgerr004" for details Page 995fb not present in the dump file. Type ".hh dbgerr004" for details Page 6f401 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc02 not present in the dump file. Type ".hh dbgerr004" for details Page 6f703 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb04 not present in the dump file. Type ".hh dbgerr004" for details Page 6f705 not present in the dump file. Type ".hh dbgerr004" for details Page 6f906 not present in the dump file. Type ".hh dbgerr004" for details Page 6f407 not present in the dump file. Type ".hh dbgerr004" for details Page 6fa08 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc12 not present in the dump file. Type ".hh dbgerr004" for details Page 6fc13 not present in the dump file. Type ".hh dbgerr004" for details Page 6fb1c not present in the dump file. Type ".hh dbgerr004" for details Page 6fa1d not present in the dump file. Type ".hh dbgerr004" for details Page 6ff1f not present in the dump file. Type ".hh dbgerr004" for details Page 6fe20 not present in the dump file. Type ".hh dbgerr004" for details Page 8f721 not present in the dump file. Type ".hh dbgerr004" for details Page 8fb22 not present in the dump file. Type ".hh dbgerr004" for details Page 90324 not present in the dump file. Type ".hh dbgerr004" for details Page 90b2c not present in the dump file. Type ".hh dbgerr004" for details Page 90d2d not present in the dump file. Type ".hh dbgerr004" for details Page 90d2e not present in the dump file. Type ".hh dbgerr004" for details Page 9052f not present in the dump file. Type ".hh dbgerr004" for details Page 91233 not present in the dump file. Type ".hh dbgerr004" for details Page 9243b not present in the dump file. Type ".hh dbgerr004" for details Page 9213c not present in the dump file. Type ".hh dbgerr004" for details Page 9223d not present in the dump file. Type ".hh dbgerr004" for details Page 91c3e not present in the dump file. Type ".hh dbgerr004" for details Page 92440 not present in the dump file. Type ".hh dbgerr004" for details Page 9874d not present in the dump file. Type ".hh dbgerr004" for details Page 9894e not present in the dump file. Type ".hh dbgerr004" for details Page 9854f not present in the dump file. Type ".hh dbgerr004" for details 404 errors : !win32k (fffff96000037e94-fffff9600020c3b5) MODULE_NAME: memory_corruption IMAGE_NAME: memory_corruption FOLLOWUP_NAME: memory_corruption DEBUG_FLR_IMAGE_TIMESTAMP: 0 MEMORY_CORRUPTOR: LARGE FAILURE_BUCKET_ID: X64_MEMORY_CORRUPTION_LARGE BUCKET_ID: X64_MEMORY_CORRUPTION_LARGE Followup: memory_corruption --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CLOCK_WATCHDOG_TIMEOUT (101) An expected clock interrupt was not received on a secondary processor in an MP system within the allocated interval. This indicates that the specified processor is hung and not processing interrupts. Arguments: Arg1: 0000000000000041, Clock interrupt time out interval in nominal clock ticks. Arg2: 0000000000000000, 0. Arg3: fffff880009e9180, The PRCB address of the hung processor. Arg4: 0000000000000001, 0. Debugging Details: ------------------ [/log] Niemniej możecie na to spojrzeć i zasugerować co i jak EDIT: Dobra, w wolnej chwili przetestuję pamięci Memtestem (już wypaliłem nawet płytkę / nie mam wolnego pena ).
raazor90 komentarz 19 maja 2012 komentarz 19 maja 2012 [quote name='Igorrodz' timestamp='1337381765' post='1503164'] CLOCK_WATCHDOG_TIMEOUT (101) [/quote] kręciłeś proca? 1
Igorrodz komentarz 19 maja 2012 Autor komentarz 19 maja 2012 Tak, podkręciłem szyną. Mam dokładnie takie ustawienia: [url=http://obrazki.elektroda.net/23_1337430061.jpg][img]http://obrazki.elektroda.net/23_1337430061_thumb.jpg[/img][/url] Co do samych pamięci i przetestowania ich - sprawne: [url=http://obrazki.elektroda.net/22_1337430313.jpg][img]http://obrazki.elektroda.net/22_1337430313_thumb.jpg[/img][/url] Sugerujesz, że 'przekręciłem' procesor?
raazor90 komentarz 19 maja 2012 komentarz 19 maja 2012 Dla mnie coś nie halo z prockiem, dałem wędkę łap ryby 1
Igorrodz komentarz 19 maja 2012 Autor komentarz 19 maja 2012 Heh, rozumiem. Zresztą... zresztą ten kastrat zaczyna mnie wnerwiać Ani go porządnie odblokować ani porządnie podkręcić nie da się. Masakra
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.