Przemall, created 5 August 2012
Hello, I have a problem: the game APB Reloaded stutters for me, and whether I use the lowest or the highest detail settings makes no difference at all. Strangely, while playing my CPU usage is around 20-30% and RAM usage is 3.5-3.8 out of 4 GB. My configuration is in my signature.
Igorrodz, commented 5 August 2012
[quote name='Przemall' timestamp='1344184195' post='1552342'] and RAM usage is 3.5-3.8 out of 4 GB. [/quote]
So it looks like it is choking on too little memory, because the operating system reserves part of it for itself.
Przemall (Author), commented 6 August 2012 (edited)
So not only does the system take 1-1.5 GB for itself when I'm doing nothing, it also reserves something on top of that? Or maybe the graphics card has something to do with it. And if I need to buy more RAM, is it better to get 2x2GB or 1x4GB, so that a slot still stays free?
Igorrodz, commented 6 August 2012
1x4GB, obviously. Because in dual channel the gain is unnoticeable, up to 5% at most.
Przemall (Author), commented 6 August 2012 (edited)
The previous readings were rather odd, because now they look like this:
CPU: 3 cores at 90-100% and one at 60%, and they swap among themselves every second as to which one gets the 60%.
GPU: 85-95%
RAM: 3.6-3.8 GB
No, I don't get this, it's beyond me. The results above were at a 3.2 GHz clock and rarely reached 100%; they were more like 90. Now I've overclocked to 4.0 GHz, the temperatures are fine, but usage is 100%, sometimes 98%.
leggo, commented 6 August 2012
If I remember correctly, according to its requirements this game needs only 3 GB. For me it ran without problems back when I still had 4 GB, so it's probably not the RAM's fault. A separate matter is the huge lag, which at least until some time ago was standard in this game (mainly during peak-load hours, of course).
Przemall (Author), commented 6 August 2012
Not lag, the game stutters for me. I overclocked the graphics card to the max in a program (temperatures are the same; I don't know whether it did anything, or whether the program, afterburn, is just junk) and now it runs smoothly enough that I can shoot and drive; only every dozen or so seconds there are 1-second stutters.
Igorrodz, commented 6 August 2012
OK, scan the computer with these:
http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner
http://www.dobreprogramy.pl/Spybot-Search-Destroy,Program,Windows,12546.html
http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html
and then clean the disk, system and registry with this:
http://www.dobreprogramy.pl/CCleaner,Program,Windows,13061.html
After these steps, produce logs according to this guide:
http://www.forumpc.pl/index.php?showtopic=104338
Przemall (Author), commented 3 September 2012 (edited)
I did everything as it should be done, and now the logs: OTL. [log]
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WudfRd - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - 
Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfRd - Driver SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] 
{4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: 
vmms - Service SafeBootNet: WudfRd - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-08-31 17:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-08-31 17:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-08-31 17:14:21 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\Malwarebytes [2012-08-31 17:14:18 | 
000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-08-31 15:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-08-31 15:01:34 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\Skyrim [2012-08-31 14:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012-08-31 14:09:32 | 000,000,000 | ---D | C] -- C:\Users\Przemall\Documents\BattleForge [2012-08-31 13:26:21 | 000,000,000 | ---D | C] -- C:\Users\Przemall\Documents\my games [2012-08-31 13:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012-08-31 13:18:22 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\ESET [2012-08-31 13:18:22 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\ESET [2012-08-31 13:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-08-31 13:16:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-08-31 13:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-08-31 11:56:22 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\LolClient [2012-08-31 11:45:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012-08-31 11:11:39 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\Macromedia [2012-08-31 11:11:39 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\Macromedia [2012-08-31 11:11:39 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\Adobe [2012-08-31 11:11:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012-08-31 11:11:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012-08-31 11:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-08-31 11:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-08-31 11:04:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-08-31 11:04:02 | 000,061,248 | ---- | C] (Khronos Group) -- 
C:\Windows\SysWow64\OpenCL.dll [2012-08-31 11:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-08-31 11:03:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-08-31 11:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-08-31 10:59:59 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012-08-31 10:42:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012-08-31 10:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-08-31 10:41:58 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012-08-31 10:41:57 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012-08-31 10:41:56 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012-08-31 10:41:56 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll [2012-08-31 10:41:56 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012-08-31 10:41:56 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012-08-31 10:41:56 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll [2012-08-31 10:41:56 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll [2012-08-31 10:41:56 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2012-08-31 10:41:54 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012-08-31 10:41:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012-08-31 10:41:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012-08-31 10:41:54 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RTEED64A.dll [2012-08-31 10:41:54 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012-08-31 10:41:54 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012-08-31 10:41:52 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2012-08-31 10:41:52 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2012-08-31 10:41:52 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012-08-31 10:41:52 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2012-08-31 10:41:52 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2012-08-31 10:41:52 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2012-08-31 10:41:51 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012-08-31 10:41:51 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012-08-31 10:41:51 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2012-08-31 10:41:51 | 000,318,808 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012-08-31 10:41:48 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012-08-31 10:41:47 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012-08-31 10:41:47 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012-08-31 10:41:47 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2012-08-31 10:41:47 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012-08-31 10:41:47 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012-08-31 10:41:47 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012-08-31 10:41:47 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012-08-31 10:41:47 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2012-08-31 10:41:47 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012-08-31 10:41:47 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2012-08-31 10:41:47 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2012-08-31 10:41:47 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2012-08-31 10:41:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012-08-31 10:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012-08-31 10:40:50 | 000,412,776 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012-08-31 10:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012-08-31 10:40:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012-08-31 10:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2012-08-31 10:39:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012-08-31 10:39:46 | 000,000,000 | ---D | 
C] -- C:\Program Files (x86)\AMD [2012-08-31 10:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-08-31 10:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012-08-31 10:32:11 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\TS3Client [2012-08-31 10:31:14 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012-08-31 10:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012-08-31 10:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2012-08-31 10:27:46 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\Mozilla [2012-08-31 10:27:46 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\Mozilla [2012-08-31 10:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-08-31 10:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-08-31 10:27:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012-08-31 10:20:45 | 000,000,000 | R--D | C] -- C:\Users\Przemall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-08-31 10:20:45 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Searches [2012-08-31 10:20:45 | 000,000,000 | R--D | C] -- C:\Users\Przemall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-08-31 10:20:36 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\Identities [2012-08-31 10:20:35 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Contacts [2012-08-31 10:20:33 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\VirtualStore [2012-08-31 10:20:27 | 000,000,000 | --SD | C] -- C:\Users\Przemall\AppData\Roaming\Microsoft [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Videos [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Saved Games [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Pictures [2012-08-31 10:20:27 | 000,000,000 | R--D 
| C] -- C:\Users\Przemall\Music [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Links [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Favorites [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Downloads [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Documents [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\Desktop [2012-08-31 10:20:27 | 000,000,000 | R--D | C] -- C:\Users\Przemall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Ustawienia lokalne [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\AppData\Local\Temporary Internet Files [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Szablony [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\SendTo [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Recent [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\PrintHood [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\NetHood [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Documents\Moje wideo [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Documents\Moje obrazy [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Moje dokumenty [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Documents\Moja muzyka [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Menu Start [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\AppData\Local\Historia [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\Dane aplikacji [2012-08-31 10:20:27 | 000,000,000 | -HSD | C] -- C:\Users\Przemall\AppData\Local\Dane aplikacji [2012-08-31 10:20:27 | 000,000,000 | 
-HSD | C] -- C:\Users\Przemall\Cookies [2012-08-31 10:20:27 | 000,000,000 | -H-D | C] -- C:\Users\Przemall\AppData [2012-08-31 10:20:27 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\Temp [2012-08-31 10:20:27 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Local\Microsoft [2012-08-31 10:20:27 | 000,000,000 | ---D | C] -- C:\Users\Przemall\AppData\Roaming\Media Center Programs [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-08-31 10:20:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2012-08-31 10:04:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-08-31 10:01:35 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012-08-29 22:12:44 | 000,000,000 | ---D | C] -- C:\Fraps [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-08-31 17:31:55 | 000,737,242 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-08-31 17:31:55 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-08-31 17:31:55 | 000,153,930 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-08-31 17:31:55 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-08-31 17:31:54 | 001,661,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-08-31 17:29:02 | 000,004,032 | ---- | M] () -- C:\Users\Przemall\Documents\cc_20120831_172858.reg [2012-08-31 17:29:00 | 000,000,930 | ---- | M] () 
-- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-31 17:25:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-08-31 17:25:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-31 17:25:44 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2012-08-31 17:25:16 | 000,009,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-31 17:25:16 | 000,009,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-31 17:25:14 | 000,786,432 | -HS- | M] () -- C:\Users\Przemall\NTUSER.DAT [2012-08-31 17:25:11 | 001,358,306 | -H-- | M] () -- C:\Users\Przemall\AppData\Local\IconCache.db [2012-08-31 14:02:51 | 000,001,527 | ---- | M] () -- C:\Users\Public\Desktop\BattleForge™.lnk [2012-08-31 13:21:28 | 001,636,610 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-08-31 11:06:32 | 000,524,288 | -HS- | M] () -- C:\Users\Przemall\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012-08-31 11:06:32 | 000,524,288 | -HS- | M] () -- C:\Users\Przemall\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012-08-31 11:06:32 | 000,065,536 | -HS- | M] () -- C:\Users\Przemall\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012-08-31 10:29:34 | 000,057,560 | ---- | M] () -- C:\Users\Przemall\AppData\Local\GDIPFONTCACHEV1.DAT [2012-08-31 10:20:27 | 000,000,020 | -HS- | M] () -- C:\Users\Przemall\ntuser.ini [2012-08-31 10:05:05 | 000,067,912 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012-08-31 10:05:05 | 000,067,912 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012-08-31 10:01:41 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-08-23 12:32:33 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] 
[2012-08-31 17:28:59 | 000,004,032 | ---- | C] () -- C:\Users\Przemall\Documents\cc_20120831_172858.reg [2012-08-31 14:02:51 | 000,001,527 | ---- | C] () -- C:\Users\Public\Desktop\BattleForge™.lnk [2012-08-31 13:20:26 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-08-31 11:11:24 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-31 11:06:30 | 001,358,306 | -H-- | C] () -- C:\Users\Przemall\AppData\Local\IconCache.db [2012-08-31 11:04:10 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2012-08-31 11:03:43 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012-08-31 10:40:50 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2012-08-31 10:29:34 | 000,057,560 | ---- | C] () -- C:\Users\Przemall\AppData\Local\GDIPFONTCACHEV1.DAT [2012-08-31 10:27:44 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-08-31 10:20:52 | 000,001,429 | ---- | C] () -- C:\Users\Przemall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012-08-31 10:20:47 | 000,001,463 | ---- | C] () -- C:\Users\Przemall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-08-31 10:20:27 | 000,786,432 | -HS- | C] () -- C:\Users\Przemall\NTUSER.DAT [2012-08-31 10:20:27 | 000,524,288 | -HS- | C] () -- C:\Users\Przemall\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012-08-31 10:20:27 | 000,524,288 | -HS- | C] () -- C:\Users\Przemall\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012-08-31 10:20:27 | 000,065,536 | -HS- | C] () -- C:\Users\Przemall\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012-08-31 10:20:27 | 000,000,020 | -HS- | C] () -- C:\Users\Przemall\ntuser.ini [2012-08-31 10:04:59 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Media Center.lnk [2012-08-31 10:04:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012-08-23 12:32:33 | 000,003,352 | ---- | C] () -- C:\bootsqm.dat [2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [color=#E56717]========== LOP Check ==========[/color] [2012-08-31 13:18:22 | 000,000,000 | ---D | M] -- C:\Users\Przemall\AppData\Roaming\ESET [2012-08-31 11:56:22 | 000,000,000 | ---D | M] -- C:\Users\Przemall\AppData\Roaming\LolClient [2012-08-31 17:29:43 | 000,000,000 | ---D | M] -- C:\Users\Przemall\AppData\Roaming\TS3Client [2009-07-14 07:08:49 | 000,002,494 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012-08-23 12:32:33 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat [2012-08-31 17:25:44 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2012-08-31 10:41:31 | 000,000,189 | ---- | M] () -- C:\mylog.log [2012-08-31 17:25:52 | 4294,107,136 | -HS- | M] () -- C:\pagefile.sys [2012-08-31 10:42:19 | 000,002,236 | ---- | M] () -- C:\RHDSetup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) 
MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] 
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe < End of report > [/log]
The next one from OTL
[log] OTL Extras logfile created on: 2012-08-31 17:31:13 - Run 1 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Przemall\Downloads 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 68,00% Memory free 8,00 Gb Paging File | 6,54 Gb Available in Paging File | 81,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 100,30 Gb Total Space | 78,30 Gb Free Space | 78,07% Space Free | Partition Type: NTFS Drive D: | 365,36 Gb Total Space | 226,19 Gb Free Space | 61,91% Space Free | Partition Type: NTFS Drive E: | 3,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: PRZEMALL-KOMP | User Name: Przemall | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1966551552-2173817885-904226291-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01071A02-1471-47E1-8E07-98336E859549}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{04A95247-5071-4645-9A19-733F6FE00245}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{1A6DCF39-B0DE-4785-B20D-06D2AA7452DD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{220C05AF-B461-4757-83DE-96608580E1CC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2EEFA87B-84C1-4EAB-ABFF-52DB26CA2B90}" = rport=10243 | protocol=6 | dir=out | app=system | "{4E824548-759C-4FD6-B111-834D08F11F92}" = rport=137 | protocol=17 | dir=out | app=system | "{56BC8042-83FC-49B9-91E2-B3828837823F}" = rport=445 | protocol=6 | dir=out | app=system | "{635CDA36-4840-4659-AC58-43227AD67E1D}" = lport=137 | protocol=17 | dir=in | app=system | "{7109FACC-FC0D-475E-9E10-54A944E182BA}" = lport=445 | protocol=6 | dir=in | app=system | "{817A0FA2-4907-44B7-A33F-1296B31520A5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A67D637D-3151-4165-9553-C0E4EF6F86DB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B4CC780F-716A-4356-9D36-580CF5651764}" = lport=139 | protocol=6 | dir=in | app=system | "{C73E4AEC-AD7F-4166-ACA6-35768CAB47CE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DA646A16-7799-4937-80FB-099DF30F60D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DDDB96A6-BE9A-42A7-B3E2-E06663D233CA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E4DFA13E-5C49-449B-910F-4647C439A22F}" = lport=10243 | protocol=6 | dir=in | app=system | "{EA1004C5-BF62-4285-B4D8-9D70AAE0E8F8}" = rport=138 | protocol=17 | dir=out | app=system | "{EC4BCFD0-058C-4D45-A979-E93FD793E789}" = rport=139 | protocol=6 | dir=out | app=system | "{ED74BE81-B05B-4B89-8400-DF222665FECB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F06C89E0-96CF-491B-A5AB-8E623CBC60BE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FD440459-3851-4A43-9DAA-744F536664FB}" = lport=138 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0E93FCC8-08EE-424F-9278-12C2DAF84DDE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1B4692E3-E880-497F-8B03-AEB4F339BDB8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2A9A49CF-6B6A-44ED-BBA1-F6083C62B35E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{3928CA2B-5A36-489A-9AA1-5F264230F7FC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{419D13D7-850E-41A5-92EE-0E0CBA9302EC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{430506A3-75E7-4140-9589-08179643B5A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4C185236-13B6-457F-81A6-69FC735B8393}" = protocol=17 | dir=in | app=d:\battleforge\bootstrapper.exe | "{56594853-741F-4F72-93A9-52E0FEF2BB3E}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{5F141407-6105-420A-9F07-96876CB625F2}" = protocol=17 | dir=in | app=d:\battleforge\battleforge.exe | "{6CD74AA1-A86F-4AEF-AC15-70A70A3BD79E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6F5FACDD-E137-4FD2-B550-6D4111A00878}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{81CB8944-081D-495A-94B5-ABDFE174E6D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{89E95748-29FF-41C7-9119-899A2CB62741}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A93416E6-3CAB-45B3-811A-112F1D58B69C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AAA02104-F20E-4787-AD99-6BD860D2690B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B4F9BE6B-4E6B-46BD-A111-5FF725A3BB20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C18FCA41-55E2-43D7-9C68-761663012CDD}" = protocol=17 | 
dir=in | app=d:\steam\steam.exe | "{C73DAE8B-5F05-4CAE-ABAF-24512BC25696}" = protocol=6 | dir=out | app=system | "{C8543B84-F3B8-4E0B-BC74-1BF77EA6093A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CE7685DA-8BFB-4BE2-98F4-982B9D3701F9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CF11E8DF-514B-4AC9-B6A3-3E5B79E1C79D}" = protocol=6 | dir=in | app=d:\battleforge\battleforge.exe | "{D9A2EB43-FD18-4E9B-9817-7FBB332DB92B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E36B4D3E-1CB9-4B16-8F41-E45EE73AB7AF}" = protocol=6 | dir=in | app=d:\battleforge\bootstrapper.exe | "{E9B1F073-F923-4856-BA5A-20509A462B2D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FDC69B30-0713-4658-8172-97AD236169E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{64555D45-1F57-BF1D-1A5E-BFD4C8C0ADB4}" = ATI Catalyst Install Manager "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 301.42 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.16.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{E347EB49-EA61-49D3-B8C8-7406773B93A4}" = ESET Smart Security "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™ "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ESET Online Scanner" = ESET Online Scanner v3 "Mozilla Firefox 15.0 (x86 pl)" = Mozilla Firefox 15.0 (x86 pl) "MozillaMaintenanceService" = Mozilla 
Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-08-31 07:09:48 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Battleforge\bs.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-08-31 07:09:58 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Battleforge\bs.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-08-31 07:10:09 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Battleforge\bs.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-08-31 07:12:29 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Przemall\Downloads\SoftonicDownloader_dla_monitor-systemu.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. 
Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2012-08-31 07:29:35 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Battleforge\bs.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-08-31 07:29:38 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Battleforge\bs.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-08-31 07:29:52 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Battleforge\bs.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-08-31 08:00:45 | Computer Name = Przemall-Komp | Source = MsiInstaller | ID = 11327 Description = Error - 2012-08-31 08:57:58 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Przemall\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. 
Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error - 2012-08-31 09:46:11 | Computer Name = Przemall-Komp | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Przemall\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. [ System Events ] Error - 2012-08-31 04:05:17 | Computer Name = 37L4247E29-32 | Source = Service Control Manager | ID = 7023 Description = Usługa Usługa Czas systemu Windows zakończyła działanie; wystąpił następujący błąd: %%2 Error - 2012-08-31 04:07:42 | Computer Name = Przemall-Komp | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147467243. Error - 2012-08-31 05:36:23 | Computer Name = Przemall-Komp | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 11:35:33 na ?2012-?08-?31 było nieoczekiwane. Error - 2012-08-31 05:41:27 | Computer Name = Przemall-Komp | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 11:37:13 na ?2012-?08-?31 było nieoczekiwane. 
Error - 2012-08-31 07:17:23 | Computer Name = Przemall-Komp | Source = Service Control Manager | ID = 7030 Description = Usługa ESET Service jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. < End of report > [/log]
And now it is time for the second program, RSIT
[log] Logfile of random's system information tool 1.09 (written by random/random) Run by Przemall at 2012-08-31 17:36:34 Microsoft Windows 7 Professional System drive C: has 80 GB (78%) free of 103 GB Total RAM: 4095 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:36:38, on 2012-08-31 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe C:\Users\Przemall\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Przemall.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-21-1966551552-2173817885-904226291-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1966551552-2173817885-904226291-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 5877 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Przemall\AppData\Roaming\Mozilla\Firefox\Profiles\viq3sf3k.default prefs.js - "browser.startup.homepage" - "google.pl" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.4.402.265 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml ======Registry dump====== 
[/log]
and the second one from it
[log] info.txt logfile of random's system information tool 1.09 2012-08-31 17:36:39 [/log]
The culprit was the processor. I overclocked it to 4.0 GHz with the multiplier, and during an hour of play the game stuttered only once. Interestingly, earlier, when it was stuttering all the time, every second or two, I had 60 fps, which is not low, and yet strangely it kept stuttering, but now everything is OK.