Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Drastic FPS drop laggy sound

Started by FpsChris , Jan 04 2013 09:07 PM

  • Please log in to reply

#1
FpsChris
Posted 04 January 2013 - 09:07 PM

FpsChris

    New Member

  • Member
  • Pip
  • 7 posts
Hello My name Is Krystian and my main issue since couple of months is dramatic performance dropdown.
I have laptop Sony-vaio bought about 16 months ago and since a while I start to experience a huge and sudden fps drops in games.
I have scanned my computer with Kaspersky AV trial ver. and nothing cames up with any virus or something.
I dont want to download and install tons of diferent program to scan my computer because im acctualy afraid i will make it worse.
After i bought a laptop i have win 7 with no copy on CD then i would like to refresh my computer a little bit to bring its old performance.

Kind Regards.
Krystian.


OTL logfile created on: 05/01/2013 02:44:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ppp\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.86 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 64.52% Memory free
13.62 Gb Paging File | 11.64 Gb Available in Paging File | 85.45% Paging File free
Paging file location(s): c:\pagefile.sys 4000 8000e:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 225.55 Gb Total Space | 125.73 Gb Free Space | 55.74% Space Free | Partition Type: NTFS
Drive E: | 224.45 Gb Total Space | 133.46 Gb Free Space | 59.46% Space Free | Partition Type: NTFS
Drive G: | 243.13 Mb Total Space | 211.56 Mb Free Space | 87.02% Space Free | Partition Type: FAT

Computer Name: PPP-VAIO | User Name: ppp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/05 02:39:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ppp\Desktop\OTL.exe
PRC - [2012/12/21 23:05:48 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/12/12 15:22:29 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012/12/07 13:16:19 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/12/04 12:06:55 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/01/29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010/05/31 18:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010/05/31 18:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010/05/31 16:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010/05/28 20:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/05/28 20:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 03:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2008/09/18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/21 23:06:08 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL.dll
MOD - [2012/12/21 23:05:47 | 020,320,240 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/12/21 23:05:45 | 000,969,280 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012/12/21 23:05:43 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/12/21 23:05:41 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/21 23:05:39 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/12 15:22:29 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/12/07 13:16:18 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/14 17:26:18 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3a7eb7595728baf4078ec5f97b44180c\IAStorUtil.ni.dll
MOD - [2012/11/14 03:44:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/14 03:43:44 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/14 03:43:23 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/14 03:42:45 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/14 03:42:30 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/14 03:42:19 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/14 03:42:17 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/14 03:41:57 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2010/11/13 02:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/07/21 00:12:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/06/11 19:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/01/13 09:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011/01/29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010/06/21 17:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010/06/09 14:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/06/09 14:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010/06/09 14:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010/06/08 22:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/06/08 16:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010/06/06 21:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (FastUserSwitchingCompatibility)
SRV - [2012/12/21 23:05:48 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/12/14 11:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/12/12 15:22:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/07 13:16:18 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/01/03 14:15:36 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2010/07/28 12:39:17 | 000,332,272 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/07/28 12:29:31 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/20 20:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010/06/20 20:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010/06/18 06:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010/06/17 11:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/05/31 18:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/05/28 20:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/05/28 20:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/23 23:22:49 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/06/11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/06/11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/06/11 18:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/09 09:45:00 | 003,580,928 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/20 10:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
DRV:64bit: - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/03 14:00:03 | 000,330,768 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 11:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 09:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/24 20:34:53 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/06/23 20:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/06/23 20:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/06/23 20:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/06/23 20:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/06/23 20:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/06/23 20:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010/06/23 20:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010/05/31 21:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/05/31 21:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010/05/31 20:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010/05/28 20:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/05/28 20:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010/04/26 20:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010/03/04 02:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009/06/15 13:01:06 | 000,156,688 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/16 19:59:30 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/05/15 17:50:26 | 000,026,640 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/15 19:41:52 | 000,038,416 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SVEE&bmod=SVEE
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{1C2498BA-4FA7-4DC3-B7F1-8872EDE798A0}: "URL" = http://services.zini...}&rf=sonyslices
IE - HKCU\..\SearchScopes\{47C0FEDD-227E-481A-B855-F5C8163C3F64}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.463
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/11/20 06:17:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/07 13:16:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/07 13:16:11 | 000,000,000 | ---D | M]

[2010/12/29 20:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ppp\AppData\Roaming\mozilla\Extensions
[2012/10/24 23:29:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ppp\AppData\Roaming\mozilla\Firefox\Profiles\qxc8nigy.default\extensions
[2012/12/22 11:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/12/22 11:45:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/07 13:16:10 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\[email protected]
[2012/12/07 13:16:19 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/23 16:04:38 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012/06/23 16:04:38 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012/06/23 16:04:38 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012/06/23 16:04:38 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012/06/23 16:04:38 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/06/23 16:04:38 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - homepage: http://www.google.com

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E19C038-DD7B-4829-B255-EDCC2483F5D9}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{59fcf5bd-2418-11e0-bcd6-c0cb38f4c2e0}\Shell - "" = AutoRun
O33 - MountPoints2\{72d2d205-b95f-11e1-bad9-b92976b2da7d}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/05 02:39:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ppp\Desktop\OTL.exe
[2013/01/05 02:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/12/30 01:39:55 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Roaming\.tshock
[2012/12/30 01:39:17 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\TShock-4.0
[2012/12/24 18:44:14 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\LogMeIn Hamachi
[2012/12/24 18:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/12/24 18:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/12/23 13:18:59 | 000,000,000 | ---D | C] -- C:\Users\ppp\Documents\My Games
[2012/12/23 13:16:02 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\Ter112
[2012/12/22 11:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/16 18:29:57 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Roaming\RotMG.Production
[2012/12/16 18:15:32 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Roaming\Dwarfs
[2012/12/16 18:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012/12/12 16:50:44 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Roaming\AIMP3
[2012/12/12 16:50:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2012/12/12 16:10:53 | 000,000,000 | ---D | C] -- C:\Users\ppp\AppData\Local\SCE
[2012/12/12 14:26:13 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\gw2
[2012/12/10 17:44:44 | 000,000,000 | ---D | C] -- C:\Users\ppp\Desktop\LootAlert 1.0.6
[2012/12/07 13:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[65 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[10 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/05 02:39:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ppp\Desktop\OTL.exe
[2013/01/05 02:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/04 21:44:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/04 21:44:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/04 21:36:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/04 21:36:34 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/04 14:48:03 | 000,000,221 | ---- | M] () -- C:\Users\ppp\Desktop\Magicka.url
[2013/01/02 14:58:23 | 000,000,222 | ---- | M] () -- C:\Users\ppp\Desktop\Terraria.url
[2013/01/02 14:53:43 | 492,994,273 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/12/30 11:02:28 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/29 04:13:43 | 001,664,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/29 04:13:43 | 000,738,644 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012/12/29 04:13:43 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/29 04:13:43 | 000,155,042 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012/12/29 04:13:43 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/24 18:43:09 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/12/21 22:58:04 | 000,304,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/13 21:00:25 | 000,001,735 | ---- | M] () -- C:\Users\ppp\Desktop\Signalrunners_-_Meet_me_in_Montauk__Frozen_Ray_20100116043020.mid
[2012/12/12 14:27:55 | 000,000,922 | ---- | M] () -- C:\Users\ppp\Desktop\Gw2.lnk
[2012/12/12 13:50:11 | 000,007,601 | ---- | M] () -- C:\Users\ppp\AppData\Local\Resmon.ResmonCfg
[65 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[10 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/04 14:48:03 | 000,000,221 | ---- | C] () -- C:\Users\ppp\Desktop\Magicka.url
[2013/01/02 14:58:23 | 000,000,222 | ---- | C] () -- C:\Users\ppp\Desktop\Terraria.url
[2012/12/24 18:43:09 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/12/22 11:45:18 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/13 21:00:19 | 000,001,735 | ---- | C] () -- C:\Users\ppp\Desktop\Signalrunners_-_Meet_me_in_Montauk__Frozen_Ray_20100116043020.mid
[2012/12/12 14:27:55 | 000,000,922 | ---- | C] () -- C:\Users\ppp\Desktop\Gw2.lnk
[2012/11/20 05:40:47 | 000,005,120 | ---- | C] () -- C:\Users\ppp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/08 02:25:42 | 000,579,274 | ---- | C] () -- C:\Users\ppp\AppData\Roaming\technic-launcher.jar
[2012/11/05 03:11:48 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/07/11 15:32:20 | 000,511,488 | ---- | C] () -- C:\Users\ppp\X-Ray Mod Installer.exe
[2012/07/08 21:46:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/08 21:37:29 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/08 21:37:29 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/07/08 21:37:29 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/04/29 23:03:58 | 000,007,601 | ---- | C] () -- C:\Users\ppp\AppData\Local\Resmon.ResmonCfg
[2012/04/22 20:12:22 | 004,424,704 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/04/08 23:39:46 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/04/08 23:39:32 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/04/08 23:39:32 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/04/08 23:39:30 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/04/08 23:39:30 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/04/08 23:39:28 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/04/08 23:39:28 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/04/08 23:39:26 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012/03/29 14:21:26 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/03/29 14:21:18 | 006,582,226 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/03/29 14:21:18 | 001,152,365 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/03/29 14:21:18 | 000,374,152 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/03/29 14:21:18 | 000,207,872 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/03/29 14:21:18 | 000,144,523 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2011/09/08 14:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 14:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 14:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 14:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 14:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/09/08 14:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 14:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/09/08 14:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/09/08 13:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 13:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/05/31 06:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 06:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/05/11 18:17:58 | 000,098,648 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/04/20 22:15:20 | 000,044,851 | ---- | C] () -- C:\Users\ppp\cv Krystian Kaczmarek.rtf
[2011/03/22 13:03:16 | 001,231,228 | ---- | C] () -- C:\Users\ppp\zaswiadczenie myjnia.PDF
[2011/03/19 17:55:15 | 001,690,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/18 16:49:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\game.dll
[2011/03/17 14:51:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/03/03 11:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 11:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 11:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2011/02/25 12:46:43 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/01/02 23:05:54 | 000,000,000 | -HSD | M] -- C:\Users\ppp\AppData\Roaming\.#
[2012/11/08 02:23:58 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\.minecraft
[2012/11/22 10:37:27 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\.techniclauncher
[2012/12/30 01:39:55 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\.tshock
[2012/12/21 17:22:26 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\AIMP3
[2012/04/29 23:23:33 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Auslogics
[2012/07/23 23:30:20 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\DAEMON Tools Lite
[2012/12/16 18:26:49 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Dwarfs
[2011/01/04 01:22:07 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Gadu-Gadu 10
[2011/06/23 20:21:13 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\IrfanView
[2012/11/22 10:37:02 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\logs
[2011/01/08 14:37:38 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\LolClient
[2012/06/27 12:34:47 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\LolClient2
[2011/01/03 12:57:28 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Mikrotik
[2012/01/24 21:06:15 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Mumble
[2012/03/31 18:59:25 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\OnLive App
[2012/11/20 05:40:10 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\OpenCandy
[2012/12/16 18:29:57 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\RotMG.Production
[2011/02/23 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Rovio
[2012/06/17 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\SoftGrid Client
[2011/09/19 11:16:30 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Systweak
[2012/06/15 11:22:37 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\TP
[2013/01/04 16:52:00 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\TS3Client
[2012/08/20 19:09:30 | 000,000,000 | ---D | M] -- C:\Users\ppp\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2B11E0DF

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 05 January 2013 - 12:57 AM

RKinner

    Malware Expert

  • Expert
  • 21,024 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute, then

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Ron
  • 0

#3
FpsChris
Posted 05 January 2013 - 06:47 AM

FpsChris

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 97.49 0 K 24 K
procexp64.exe 4388 1.32 34 400 K 54 228 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
Interrupts n/a 0.20 0 K 0 K Hardware Interrupts and DPCs
System 4 0.14 196 K 2 368 K
VCPerfService.exe 2808 0.14 12 028 K 12 640 K VAIO Care Performance Service Sony Corporation (Verified) Sony Corporation of America
dwm.exe 2616 0.12 31 364 K 28 168 K Menedżer okien pulpitu Microsoft Corporation (Verified) Microsoft Windows
hamachi-2.exe 2044 0.11 3 688 K 9 860 K Hamachi Client Tunneling Engine LogMeIn Inc. (Verified) LogMeIn
avp.exe 1784 0.11 217 156 K 22 140 K (Unable to verify) (null)
avp.exe 3568 0.10 7 416 K 4 604 K (Unable to verify) (null)
csrss.exe 684 0.08 2 860 K 8 412 K Proces wykonawczy klienta/serwera Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 4308 0.04 29 016 K 24 188 K Indeksator programu Microsoft Windows Search Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 2664 0.04 31 496 K 48 816 K Eksplorator Windows Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 1256 0.02 2 376 K 4 800 K Local Manageability Service Intel Corporation (Verified) Intel Corporation
VESMgrSub.exe 3260 0.02 29 908 K 18 580 K VAIO Event Service (Service Sub Module) Sony Corporation (Verified) Sony Corporation
c2c_service.exe 2268 0.01 5 948 K 15 228 K Skype C2C Service Skype Technologies S.A. (Verified) Skype Technologies SA
IAStorDataMgrSvc.exe 2188 0.01 19 560 K 16 136 K IAStorDataSvc Intel Corporation (Verified) Intel Corporation
svchost.exe 852 0.01 4 744 K 10 144 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
CCC.exe 688 0.01 113 180 K 4 896 K Catalyst Control Center: Host application ATI Technologies Inc. (Unable to verify) ATI Technologies Inc.
MOM.exe 2928 < 0.01 39 520 K 5 420 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (Unable to verify) Advanced Micro Devices Inc.
Skype.exe 2972 < 0.01 72 764 K 73 704 K Skype Skype Technologies S.A. (Verified) Skype Technologies SA
AppleMobileDeviceService.exe 1680 < 0.01 3 212 K 9 456 K MobileDeviceService Apple Inc. (Verified) Apple Inc.
Apoint.exe 2848 < 0.01 3 452 K 9 364 K Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 748 < 0.01 28 696 K 45 452 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1132 < 0.01 12 976 K 17 160 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
sftlist.exe 2756 < 0.01 5 372 K 12 560 K Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
ApMsgFwd.exe 1192 < 0.01 1 932 K 5 068 K ApMsgFwd Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 1232 < 0.01 17 436 K 18 100 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
IAStorIcon.exe 3544 < 0.01 24 996 K 22 776 K IAStorIcon Intel Corporation (Verified) Intel Corporation
svchost.exe 564 < 0.01 96 928 K 104 276 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
DivXUpdate.exe 3748 < 0.01 6 124 K 14 812 K DivX Update (Verified) DivX
csrss.exe 576 < 0.01 2 608 K 5 116 K Proces wykonawczy klienta/serwera Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 5036 2 076 K 6 176 K Windows Driver Foundation — proces hosta User-mode Driver Framework Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe 476 4 168 K 2 232 K Usługa udostępniania w sieci programu Windows Media Player Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 1604 2 848 K 6 608 K WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 144 3 340 K 7 616 K Aplikacja logowania systemu Windows Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 664 1 716 K 4 744 K Aplikacja uruchamiania systemu Windows Microsoft Corporation (Verified) Microsoft Windows
VESMgr.exe 2572 4 844 K 10 940 K VAIO Event Service (Service Module) Sony Corporation (Verified) Sony Corporation
VAIOUpdt.exe 1872 4 464 K 4 432 K VAIO Update Sony Corporation (Verified) Sony Corporation
UNS.exe 4556 3 908 K 8 944 K User Notification Service Intel Corporation (Verified) Intel Corporation
uCamMonitor.exe 2444 1 596 K 4 788 K MgiSvr ArcSoft, Inc. (Verified) ArcSoft
TrustedInstaller.exe 4672 4 580 K 9 968 K Instalator modułów systemu Windows Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 1888 3 752 K 8 452 K Proces hosta dla zadań systemu Windows Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2896 2 480 K 6 292 K Aparat Harmonogramu zadań Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1488 17 876 K 18 212 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 928 5 436 K 9 236 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4284 3 264 K 30 280 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2544 37 956 K 23 404 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 456 20 880 K 22 232 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2372 1 952 K 5 664 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4796 2 860 K 6 340 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 1424 6 984 K 12 332 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
SPMService.exe 2800 4 792 K 9 564 K SPM Module Sony Corporation (Verified) Sony Corporation
SPMgr.exe 3184 5 020 K 1 204 K SPM Module Sony Corporation (Verified) Sony Corporation
smss.exe 400 572 K 1 228 K Menedżer sesji systemu Windows Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 2240 1 524 K 5 120 K Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
services.exe 720 7 132 K 12 180 K Usługi i aplikacja Kontroler Microsoft Corporation (Verified) Microsoft Windows
RAVBg64.exe 2432 10 680 K 10 652 K HD Audio Background Process Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe 4724 2 280 K 7 516 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 1200 28 608 K 19 692 K PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Windows
msiexec.exe 3356 3 808 K 11 608 K Instalator systemu Windows® Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 752 2 800 K 4 604 K Usługa Menedżer sesji lokalnej Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 744 4 672 K 11 248 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
listener.exe 1616 1 316 K 4 868 K VaioCare Window Listener Application Sony of America Corporation (Verified) Sony Corporation of America
jusched.exe 1320 4 544 K 11 460 K Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
ISBMgr.exe 3556 2 136 K 6 800 K Sony Corporation (Verified) Sony Corporation
firefox.exe 2948 110 020 K 139 220 K Firefox Mozilla Corporation (Verified) Mozilla Corporation
dllhost.exe 6020 2 564 K 6 232 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 2768 3 584 K 7 304 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 3820 4 100 K 9 352 K Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
conhost.exe 3744 1 728 K 4 896 K Host okna konsoli Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 988 1 708 K 4 528 K AMD External Events Service Module AMD (Unable to verify) AMD
atieclxx.exe 1400 2 692 K 6 904 K AMD External Events Client Module AMD (Unable to verify) AMD
Apvfb.exe 4072 1 620 K 4 316 K APVFB ALPS (Verified) Microsoft Windows Hardware Compatibility Publisher
ApntEx.exe 3728 2 324 K 5 488 K Alps Pointing-device Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
  • 0

#4
RKinner
Posted 05 January 2013 - 11:19 AM

RKinner

    Malware Expert

  • Expert
  • 21,024 posts
  • MVP
I'm not seeing any slowness in Process Explorer. Do what you do when you get the laggy sound and run Process Explorer again and post the logs. Sometimes the slowness will show up then.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Uninstall Speccy.

I don't see any obvious infection but we can dig deeper and see if anything shows up.


Download the adwCleaner

  • Run the Tool
    Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select the option     Posted Image
  • Select the Delete button.
  • When the scan completes, it will open a notepad windows.
  • Please, copy the content of this file in your next reply.

Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Right click on TDSSKiller.exe and select Run As Administrator to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

When it finishes does it complain it could not fix something?


Let's also look at your event logs. Sometimes they will have a clue.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.


Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Now let's try a custom OTL scan and see if anything new comes up. It will also get the Extras Log which will show us what is installed.

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Ron
  • 0

#5
FpsChris
Posted 05 January 2013 - 01:08 PM

FpsChris

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Loads of it ;) but i will do step by step asap till now i made a Print screen when i have CPU 99- 100 % usage and every now and then it nearly freeze my computer.

I attached the file jpg.

Attached Thumbnails

  • 99cpu.jpg

  • 0

#6
RKinner
Posted 05 January 2013 - 02:14 PM

RKinner

    Malware Expert

  • Expert
  • 21,024 posts
  • MVP
If you can create a process explorer log when the cpu usage is high that would help.
  • 0

#7
FpsChris
Posted 05 January 2013 - 09:03 PM

FpsChris

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
Magicka.exe 4448 38.36 1 227 300 K 1 195 968 K Magicka Arrowhead Game Studios AB (Unable to verify) Arrowhead Game Studios AB
avp.exe 1944 22.33 231 552 K 102 484 K (Unable to verify) (null)
procexp64.exe 3096 12.40 32 896 K 52 692 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
System Idle Process 0 8.73 0 K 24 K
dwm.exe 1980 2.99 31 424 K 31 172 K Menedżer okien pulpitu Microsoft Corporation (Verified) Microsoft Windows
Interrupts n/a 2.33 0 K 0 K Hardware Interrupts and DPCs
System 4 2.21 196 K 2 360 K
audiodg.exe 1076 1.71 23 988 K 23 672 K Izolacja wykresu urządzenia audio systemu Windows Microsoft Corporation (Verified) Microsoft Windows
Steam.exe 3620 1.65 164 760 K 41 380 K Steam Valve Corporation (Verified) Valve
explorer.exe 1924 0.99 32 652 K 39 440 K Eksplorator Windows Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 688 0.91 3 104 K 7 644 K Proces wykonawczy klienta/serwera Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 564 0.90 113 336 K 115 280 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 5796 0.60 2 396 K 6 088 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
avp.exe 3592 0.52 6 788 K 8 420 K (Unable to verify) (null)
svchost.exe 848 0.52 4 840 K 8 348 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
VAIO Gate.exe 2880 0.38 25 468 K 6 660 K VAIO Gate Sony Corporation (Verified) Sony Corporation
GameOverlayUI.exe 4836 0.37 33 304 K 56 864 K gameoverlayui.exe ([email protected]) Valve Corporation (Verified) Valve
Skype.exe 4972 0.32 95 504 K 117 268 K Skype Skype Technologies S.A. (Verified) Skype Technologies SA
lsass.exe 744 0.24 4 684 K 9 268 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
VESMgrSub.exe 2740 0.20 35 944 K 15 504 K VAIO Event Service (Service Sub Module) Sony Corporation (Verified) Sony Corporation
svchost.exe 748 0.14 23 656 K 31 172 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
VCPerfService.exe 4276 0.14 13 552 K 13 756 K VAIO Care Performance Service Sony Corporation (Verified) Sony Corporation of America
ApMsgFwd.exe 2956 0.13 1 932 K 4 216 K ApMsgFwd Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 1476 0.10 17 792 K 13 308 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 456 0.10 18 636 K 18 160 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4652 0.09 37 432 K 10 148 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 928 0.08 4 636 K 7 572 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
services.exe 720 0.08 6 412 K 8 452 K Usługi i aplikacja Kontroler Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 2088 0.07 2 492 K 4 580 K Local Manageability Service Intel Corporation (Verified) Intel Corporation
svchost.exe 1220 0.07 16 252 K 15 164 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
c2c_service.exe 2456 0.07 2 956 K 5 056 K Skype C2C Service Skype Technologies S.A. (Verified) Skype Technologies SA
IAStorDataMgrSvc.exe 3416 0.05 21 436 K 19 976 K IAStorDataSvc Intel Corporation (Verified) Intel Corporation
CCC.exe 3676 0.05 113 268 K 9 380 K Catalyst Control Center: Host application ATI Technologies Inc. (Unable to verify) ATI Technologies Inc.
hamachi-2.exe 944 0.03 3 792 K 7 828 K Hamachi Client Tunneling Engine LogMeIn Inc. (Verified) LogMeIn
MOM.exe 4048 0.02 41 068 K 7 376 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (Unable to verify) Advanced Micro Devices Inc.
csrss.exe 576 0.02 2 416 K 4 320 K Proces wykonawczy klienta/serwera Microsoft Corporation (Verified) Microsoft Windows
Apoint.exe 2932 0.02 3 444 K 7 204 K Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
AppleMobileDeviceService.exe 1616 0.02 3 116 K 6 348 K MobileDeviceService Apple Inc. (Verified) Apple Inc.
IAStorIcon.exe 3564 0.01 26 484 K 18 872 K IAStorIcon Intel Corporation (Verified) Intel Corporation
taskhost.exe 1780 0.01 3 760 K 7 704 K Proces hosta dla zadań systemu Windows Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 4676 0.01 21 020 K 11 132 K Indeksator programu Microsoft Windows Search Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 752 0.01 2 844 K 4 140 K Usługa Menedżer sesji lokalnej Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1128 < 0.01 7 436 K 10 676 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
sftlist.exe 2824 < 0.01 5 372 K 7 396 K Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
wmpnetwk.exe 4724 < 0.01 4 016 K 2 804 K Usługa udostępniania w sieci programu Windows Media Player Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 4404 < 0.01 3 616 K 8 708 K User Notification Service Intel Corporation (Verified) Intel Corporation
DivXUpdate.exe 3804 < 0.01 6 244 K 11 000 K DivX Update (Verified) DivX
wininit.exe 664 < 0.01 1 676 K 3 896 K Aplikacja uruchamiania systemu Windows Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 988 < 0.01 1 736 K 3 756 K AMD External Events Service Module AMD (Unable to verify) AMD
spoolsv.exe 1436 < 0.01 7 704 K 8 148 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
atieclxx.exe 1380 < 0.01 2 688 K 5 596 K AMD External Events Client Module AMD (Unable to verify) AMD
winlogon.exe 132 < 0.01 3 372 K 5 712 K Aplikacja logowania systemu Windows Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 5036 2 072 K 4 180 K Windows Driver Foundation — proces hosta User-mode Driver Framework Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3108 2 868 K 5 868 K WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
VESMgr.exe 2680 5 388 K 8 392 K VAIO Event Service (Service Module) Sony Corporation (Verified) Sony Corporation
VAIOUpdt.exe 4264 4 516 K 2 568 K VAIO Update Sony Corporation (Verified) Sony Corporation
uCamMonitor.exe 2628 1 588 K 4 184 K MgiSvr ArcSoft, Inc. (Verified) ArcSoft
taskeng.exe 2208 2 604 K 5 752 K Aparat Harmonogramu zadań Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2552 1 964 K 4 864 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4848 2 624 K 4 840 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4168 3 152 K 28 672 K Proces hosta dla usług systemu Windows Microsoft Corporation (Verified) Microsoft Windows
SPMService.exe 2076 4 636 K 9 444 K SPM Module Sony Corporation (Verified) Sony Corporation
SPMgr.exe 2908 5 008 K 688 K SPM Module Sony Corporation (Verified) Sony Corporation
smss.exe 400 544 K 1 160 K Menedżer sesji systemu Windows Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 2424 1 532 K 4 448 K Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
RAVBg64.exe 2900 10 680 K 7 388 K HD Audio Background Process Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe 1052 2 292 K 7 508 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 2732 27 476 K 19 592 K PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Windows
listener.exe 4592 1 308 K 4 900 K VaioCare Window Listener Application Sony of America Corporation (Verified) Sony Corporation of America
jusched.exe 3812 1 236 K 4 224 K Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
ISBMgr.exe 3576 2 132 K 6 108 K Sony Corporation (Verified) Sony Corporation
firefox.exe 5112 104 440 K 121 232 K Firefox Mozilla Corporation (Verified) Mozilla Corporation
dllhost.exe 2892 3 580 K 6 168 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 3428 4 088 K 6 408 K Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
conhost.exe 3872 1 724 K 3 968 K Host okna konsoli Microsoft Corporation (Verified) Microsoft Windows
Apvfb.exe 3844 1 620 K 3 452 K APVFB ALPS (Verified) Microsoft Windows Hardware Compatibility Publisher
ApntEx.exe 3852 2 328 K 4 348 K Alps Pointing-device Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher


edit. Im just thinking maybe its game itself.. but somethimes it work normaly very smoothly adn everything and from time to time it just hit with the sudden lag.. is it posible skype maybe colide with it ? it seems to be less offten when skype iss off... hmm i dont know but i really appreciate your interest with my topic and help given so far.

Edited by FpsChris, 05 January 2013 - 09:12 PM.

  • 0

#8
RKinner
Posted 05 January 2013 - 11:48 PM

RKinner

    Malware Expert

  • Expert
  • 21,024 posts
  • MVP

Magicka.exe 4448 38.36 1 227 300 K 1 195 968 K Magicka Arrowhead Game Studios AB (Unable to verify) Arrowhead Game Studios AB
avp.exe 1944 22.33 231 552 K 102 484 K (Unable to verify) (null)
procexp64.exe 3096 12.40 32 896 K 52 692 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
System Idle Process 0 8.73 0 K 24 K
dwm.exe 1980 2.99 31 424 K 31 172 K Menedżer okien pulpitu Microsoft Corporation (Verified) Microsoft Windows
Interrupts n/a 2.33 0 K 0 K Hardware Interrupts and DPCs


Looks to me like your game Magicka and your anti-virus (avp.exe) do not get along. The last line in the quote may indicate a badly written device driver as this should usually be around 1.

I'd try pausing the anti-virus while playing the game and see if that helps. If not I would look for updated video and audio drivers.
  • 0

#9
FpsChris
Posted 06 January 2013 - 07:02 AM

FpsChris

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
hmmm... maybe drivers... i have a problem with drivers on my laptop, cant find video drivers and cant even install those from AMD site... support said i need to contact with sony and they should have updated drivers for my graphic card but they dont all they gave me is some drivers from 2007 and recommend to use them but its even worse with them. im using some modified drivers from leshcat.
Leshcat’s Catalyst 12.10 WHQL UnifL

I would be greatful if You have had any source of drivers that i could use.

Vaio VPCEB3M1E
Radeon HD 5650
  • 0

#10
RKinner
Posted 06 January 2013 - 10:54 AM

RKinner

    Malware Expert

  • Expert
  • 21,024 posts
  • MVP
Have you tried running the game with the anti-virus paused? Could you create a process explorer log so I could see if it helps.

Click the Start button, type: dxdiag in the Search box, and when dxdiag.exe shows up, right click on it and Run As Admin. Wait until it finishes and then Save All Information. Note where it saves it then close the DirectX window and open DxDiag.txt. Copy and Paste it to a Reply.
  • 0

#11
FpsChris
Posted 06 January 2013 - 11:38 AM

FpsChris

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
------------------
System Information
------------------
Time of this report: 1/6/2013, 17:36:57
Machine name: PPP-VAIO
Operating System: Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120830-0333)
Language: Polish (Regional Setting: Polish)
System Manufacturer: Sony Corporation
System Model: VPCEB3M1E
BIOS: BIOS Date: 09/23/09 11:58:43 Ver: 08.00.10
Processor: Intel® Core™ i3 CPU M 370 @ 2.40GHz (4 CPUs), ~2.4GHz
Memory: 4096MB RAM
Available OS Memory: 3950MB RAM
Page File: 2432MB used, 11515MB available
Windows Dir: C:\Windows
DirectX Version: DirectX 11
DX Setup Parameters: Not found
User DPI Setting: Using System DPI
System DPI Setting: 96 DPI (100 percent)
DWM DPI Scaling: Disabled
DxDiag Version: 6.01.7601.17514 32bit Unicode

------------
DxDiag Notes
------------
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (retail)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: AMD Radeon HD 6500M/5600/5700 Series
Manufacturer: Advanced Micro Devices, Inc.
Chip type: AMD Radeon Graphics Processor (0x68C1)
DAC type: Internal DAC(400MHz)
Device Key: Enum\PCI\VEN_1002&DEV_68C1&SUBSYS_9071104D&REV_00
Display Memory: 2733 MB
Dedicated Memory: 1014 MB
Shared Memory: 1719 MB
Current Mode: 1366 x 768 (32 bit) (50Hz)
Monitor Name: Rodzajowy monitor PnP
Monitor Model: unknown
Monitor Id: SNY05FA
Native Mode: 1366 x 768(p) (59.940Hz)
Output Type: Internal
Driver Name: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll
Driver File Version: 8.17.0010.1132 (English)
Driver Version: 8.980.0.0
DDI Version: 11
Driver Model: WDDM 1.1
Driver Attributes: Final Retail
Driver Date/Size: 6/11/2012 19:23:12, 1090560 bytes
WHQL Logo'd: n/a
WHQL Date Stamp: n/a
Device Identifier: {D7B71EE2-2B81-11CF-9177-7BB0BEC2C535}
Vendor ID: 0x1002
Device ID: 0x68C1
SubSys ID: 0x9071104D
Revision ID: 0x0000
Driver Strong Name: oem31.inf:ATI.Mfg.NTamd64.6.1:ati2mtag_Vancouver_PXAI:8.980.0.0:pci\ven_1002&dev_68c1
Rank Of Driver: 80E62001
Video Accel: ModeMPEG2_A ModeMPEG2_C
Deinterlace Caps: {60C39289-CEFE-450E-AF0B-D957ED91C252}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{B109203F-C0E2-4A87-90A9-20F4E3B5CA52}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{60C39289-CEFE-450E-AF0B-D957ED91C252}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{B109203F-C0E2-4A87-90A9-20F4E3B5CA52}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
D3D9 Overlay: Not Supported
DXVA-HD: Not Supported
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled

-------------
Sound Devices
-------------
Description: Speaker/HP (Realtek High Definition Audio)
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_104D4600&REV_1000
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.6098 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 5/31/2010 21:39:03, 2357024 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX™ 2.0 Listen/Src: No, No
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No

---------------------
Sound Capture Devices
---------------------
Description: Microphone (Realtek High Definition Audio)
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.6098 (English)
Driver Attributes: Final Retail
Date and Size: 5/31/2010 21:39:03, 2357024 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

-------------------
DirectInput Devices
-------------------
Device Name: Mysz
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Klawiatura
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ Główny koncentrator USB
| Vendor/Product ID: 0x8086, 0x3B34
| Matching Device ID: usb\root_hub20
| Service: usbhub
|
+-+ Generic USB Hub
| | Vendor/Product ID: 0x8087, 0x0020
| | Location: Port_#0001.Hub_#0002
| | Matching Device ID: usb\class_09
| | Service: usbhub
| |
| +-+ Urządzenie wejściowe USB
| | | Vendor/Product ID: 0x04B4, 0x0033
| | | Location: Port_#0002.Hub_#0004
| | | Matching Device ID: generic_hid_device
| | | Service: HidUsb
| | |
| | +-+ Mysz zgodna z HID
| | | | Vendor/Product ID: 0x04B4, 0x0033
| | | | Matching Device ID: hid_device_system_mouse
| | | | Service: mouhid

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ Standardowa klawiatura PS/2
| Matching Device ID: *pnp0303
| Service: i8042prt
|
+ Sterownik klawiatury serwera terminali
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
|
+ Alps Pointing-device
| Matching Device ID: *snyalp0012
| Upper Filters: ApfiltrService
| Service: i8042prt
|
+ Sterownik myszy serwera terminali
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 128.3 GB
Total Space: 231.0 GB
File System: NTFS
Model: SAMSUNG HM500JI

Drive: E:
Free Space: 136.7 GB
Total Space: 229.8 GB
File System: NTFS
Model: SAMSUNG HM500JI

Drive: Q:
Model: n/a

Drive: D:
Model: MATSHITA DVD-RAM UJ8A0AS
Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7601.17514 (Polish), , 0 bytes

--------------
System Devices
--------------
Name: PCI standard PCI-to-PCI bridge (Matrox Filtered)
Device ID: PCI\VEN_8086&DEV_0045&SUBSYS_9071104D&REV_02\3&11583659&0&08
Driver: n/a

Name: PCI standard PCI-to-PCI bridge (Matrox Filtered)
Device ID: PCI\VEN_8086&DEV_3B4C&SUBSYS_9071104D&REV_05\3&11583659&0&E5
Driver: n/a

Name: Kontroler interfejsu LPC zestawu układów Intel® HM55 Express — 3B09
Device ID: PCI\VEN_8086&DEV_3B09&SUBSYS_9071104D&REV_05\3&11583659&0&F8
Driver: n/a

Name: AMD Radeon HD 6500M/5600/5700 Series
Device ID: PCI\VEN_1002&DEV_68C1&SUBSYS_9071104D&REV_00\4&29207316&0&0008
Driver: n/a

Name: Intel® processor DRAM Controller - 0044
Device ID: PCI\VEN_8086&DEV_0044&SUBSYS_9071104D&REV_02\3&11583659&0&00
Driver: n/a

Name: Reserved - 2D13
Device ID: PCI\VEN_8086&DEV_2D13&SUBSYS_9071104D&REV_02\3&4F11E61&0&13
Driver: n/a

Name: PCI standard PCI-to-PCI bridge (Matrox Filtered)
Device ID: PCI\VEN_8086&DEV_3B46&SUBSYS_9071104D&REV_05\3&11583659&0&E2
Driver: n/a

Name: Qualcomm Atheros AR9285 Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_002B&SUBSYS_E017105B&REV_01\4&1EE949F9&0&00E0
Driver: n/a

Name: Reserved - 2D12
Device ID: PCI\VEN_8086&DEV_2D12&SUBSYS_9071104D&REV_02\3&4F11E61&0&12
Driver: n/a

Name: PCI standard PCI-to-PCI bridge (Matrox Filtered)
Device ID: PCI\VEN_8086&DEV_3B44&SUBSYS_9071104D&REV_05\3&11583659&0&E1
Driver: n/a

Name: Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4381&SUBSYS_9071104D&REV_11\4&F179732&0&00E2
Driver: n/a

Name: QPI Physical 0 - 2D11
Device ID: PCI\VEN_8086&DEV_2D11&SUBSYS_9071104D&REV_02\3&4F11E61&0&11
Driver: n/a

Name: PCI standard PCI-to-PCI bridge (Matrox Filtered)
Device ID: PCI\VEN_8086&DEV_3B42&SUBSYS_9071104D&REV_05\3&11583659&0&E0
Driver: n/a

Name: QPI Link 0 - 2D10
Device ID: PCI\VEN_8086&DEV_2D10&SUBSYS_9071104D&REV_02\3&4F11E61&0&10
Driver: n/a

Name: Ricoh PCIe SD Bus Host Adapter
Device ID: PCI\VEN_1180&DEV_E822&SUBSYS_9071104D&REV_00\4&1EAEF792&0&04E1
Driver: n/a

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Device ID: PCI\VEN_8086&DEV_3B3C&SUBSYS_9071104D&REV_05\3&11583659&0&D0
Driver: n/a

Name: QuickPath Architecture System Address Decoder - 2D01
Device ID: PCI\VEN_8086&DEV_2D01&SUBSYS_9071104D&REV_02\3&4F11E61&0&01
Driver: n/a

Name: Kontroler hosta SD zgodny ze standardem SDA
Device ID: PCI\VEN_1180&DEV_E822&SUBSYS_9071104D&REV_00\4&1EAEF792&0&00E1
Driver: n/a

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Device ID: PCI\VEN_8086&DEV_3B34&SUBSYS_9071104D&REV_05\3&11583659&0&E8
Driver: n/a

Name: QuickPath Architecture Generic Non-core Registers - 2C62
Device ID: PCI\VEN_8086&DEV_2C62&SUBSYS_9071104D&REV_02\3&4F11E61&0&00
Driver: n/a

Name: Intel® Management Engine Interface
Device ID: PCI\VEN_8086&DEV_3B64&SUBSYS_9071104D&REV_06\3&11583659&0&B0
Driver: n/a

Name: Ricoh PCIe Memory Stick Host Controller
Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_9071104D&REV_00\4&1EAEF792&0&01E1
Driver: n/a

Name: Kontroler magistrali SMB rodziny zestawów układów Intel® 5 Series/3400 Series — 3B30
Device ID: PCI\VEN_8086&DEV_3B30&SUBSYS_9071104D&REV_05\3&11583659&0&FB
Driver: n/a

Name: PCI standard PCI-to-PCI bridge (Matrox Filtered)
Device ID: PCI\VEN_8086&DEV_2448&SUBSYS_9071104D&REV_A5\3&11583659&0&F0
Driver: n/a

Name: Kontroler zgodny ze standardem High Definition Audio
Device ID: PCI\VEN_8086&DEV_3B56&SUBSYS_9071104D&REV_05\3&11583659&0&D8
Driver: n/a

Name: Intel® 5 Series 4 Port SATA AHCI Controller
Device ID: PCI\VEN_8086&DEV_3B29&SUBSYS_9071104D&REV_05\3&11583659&0&FA
Driver: n/a

Name: Kontroler zgodny ze standardem High Definition Audio
Device ID: PCI\VEN_1002&DEV_AA60&SUBSYS_9071104D&REV_00\4&29207316&0&0108
Driver: n/a

------------------
DirectShow Filters
------------------

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7601.17514
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7601.17514
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7601.17514
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7601.17514
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7601.17514
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385
WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll,15.04.3508.1109
Record Queue,0x00200000,1,1,WLXVAFilt.dll,15.04.3508.1109
WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll,15.04.3508.1109
WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll,15.04.3508.1109
WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll,15.04.3508.1109
WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll,15.04.3508.1109
WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll,15.04.3508.1109
ATI Ticker,0x00200000,0,1,Ticker.ax,
DV Muxer,0x00400000,0,0,qdv.dll,6.06.7601.17514
MainConcept MPEG Demultiplexer,0x00800100,1,2,mc_demux_mp2_ds.ax,9.06.0007.7967
Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7601.17713
LAV Splitter,0x00800004,1,1,LAVSplitter.ax,0.50.0001.0000
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7601.17514
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7601.17514
AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7601.17713
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7601.17713
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7601.17528
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000
MPC - RealVideo Decoder,0x00600000,1,1,RealMediaSplitter.ax,1.03.1290.0000
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528
DivX AAC Decoder,0x00800000,1,1,daac.ax,8.08.0000.41966
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7601.17528
VisioForge Video Resizer,0x00200000,1,1,VisioForge_Video_Resize.ax,
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7601.17713
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7601.17528
VisioForge RGB2YUV,0x00400000,1,1,VisioForge_RGB2YUV.ax,
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7601.17514
SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7601.17528
Video Mixer Filter,0x00200000,2,1,VisioForge_Video_Mixer.ax,
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7601.17713
MMACE ProcAmp,0x00200000,0,2,MMACEFilters.dll,
DV Splitter,0x00600000,1,2,qdv.dll,6.06.7601.17514
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7601.17713
VcmIAlzGPDFilter2,0x00000000,0,0,,
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7601.17514
ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7601.17713
Video Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7601.17528
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7601.17713
Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7601.17713
DivX H.264 Decoder,0x00800000,1,1,DivXDecH264.ax,9.00.0001.0021
SmartSound Soundtrack,0x00400000,0,1,DirectQX.dll,3.00.0009.0000
SmartSound SDS Reader,0x00400000,0,1,SDSReader.dll,3.00.0009.0000
Video Renderer,0x00400000,1,0,quartz.dll,6.06.7601.17713
DivX Demux Filter,0x00800002,0,3,DirectShowDemuxFilter.dll,1.00.0003.0136
MPC - RealMedia Source,0x00600000,0,0,RealMediaSplitter.ax,1.03.1290.0000
File Writer,0x00200000,1,0,WLXVAFilt.dll,15.04.3508.1109
DivX Decoder Filter,0x00800000,1,1,DivXDec.ax,7.03.0000.0048
VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7601.17514
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7601.17514
DivX Demux Filter (Unrestricted Edition),0x00200000,0,3,DirectShowDemuxFilter.dll,1.00.0003.0136
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7601.17514
VisioForge Dump 4,0x00200000,1,0,VisioForge_Dump.ax,
MMACE SoftEmu,0x00200000,0,2,MMACEFilters.dll,
File writer,0x00200000,1,0,qcap.dll,6.06.7601.17514
iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7601.17514
Bandisoft MPEG-1 Video Decoder,0xff800001,1,1,bdfilters.dll,1.00.0003.0012
iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7601.17514
MPC - RealAudio Decoder,0x00600000,1,1,RealMediaSplitter.ax,1.03.1290.0000
DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7601.17713
MMACE DeInterlace,0x00200000,0,2,MMACEFilters.dll,
Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7601.17713
AC3Filter,0x40000000,1,1,ac3filter.ax,1.03.0001.0000
AVI Draw,0x00600064,9,1,quartz.dll,6.06.7601.17713
RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll,
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514
WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7601.17514
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528
VAIO Content Metadata Univ Filter,0x00000000,0,0,,
DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7601.17514
VisioForge Screen Capture,0x00200000,0,1,VisioForge_Screen_Capture.ax,
LAV Splitter Source,0x00800004,0,1,LAVSplitter.ax,0.50.0001.0000
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7601.17514
Null Renderer,0x00200000,1,0,qedit.dll,6.06.7601.17514
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7601.17514
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7601.17514
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7601.17528
VisioForge YUV2RGB,0x00400000,1,1,VisioForge_YUV2RGB.ax,
Smart Tee,0x00200000,1,2,qcap.dll,6.06.7601.17514
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7601.17713
AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713
VcmIAlzGPDFilter,0x00000000,0,0,,
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7601.17713
MPC - CDXA Reader,0x00600000,0,1,cdxareader.ax,1.06.0000.4014
Wave Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
File stream renderer,0x00400000,1,1,quartz.dll,6.06.7601.17713
MainConcept Stream Parser,0x00400000,1,2,mc_demux_mp2_ds.ax,9.06.0007.7967
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000
MPC - RealMedia Splitter,0x00600000,1,1,RealMediaSplitter.ax,1.03.1290.0000
StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7601.17528
AVI Mux,0x00200000,1,0,qcap.dll,6.06.7601.17514
Bandisoft MPEG-1 Audio Decoder,0xff800001,1,1,bdfilters.dll,1.00.0003.0012
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7601.17713
File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7601.17713
File Source (URL),0x00400000,0,1,quartz.dll,6.06.7601.17713
LAV Audio Decoder,0x00800003,1,1,LAVAudio.ax,0.50.0001.0000
LAV Video Decoder,0x00800003,1,1,LAVVideo.ax,0.50.0001.0000
VisioForge MediaBridge WPF35,0x00200000,0,1,VisioForge_MediaBridge_WPF_35.ax,
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7601.17514
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7601.17514
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7601.17669
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7601.17713

WDM Streaming Tee/Splitter Devices:
Konwerter Tee/Sink-to-Sink,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385
DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7601.17514
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7601.17713
Koder-dekoder Cinepak firmy Radius,0x00200000,1,1,qcap.dll,6.06.7601.17514
DivX 6.9.2 Codec (4 Logical CPUs),0x00200000,1,1,qcap.dll,6.06.7601.17514
Koder-dekoder Intel IYUV,0x00200000,1,1,qcap.dll,6.06.7601.17514
Koder-dekoder Intel IYUV,0x00200000,1,1,qcap.dll,6.06.7601.17514
Bandi MJPEG Video Decoder,0x00200000,1,1,qcap.dll,6.06.7601.17514
Bandi MPEG-1 Video Decoder,0x00200000,1,1,qcap.dll,6.06.7601.17514
Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7601.17514
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7601.17514
DivX 6.9.2 YV12 Decoder,0x00200000,1,1,qcap.dll,6.06.7601.17514

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385
IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713
PCM,0x00200000,1,1,quartz.dll,6.06.7601.17713
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713
{6A08CF80-0E18-11CF-A24D-0020AFD79767},0x00200000,1,1,quartz.dll,6.06.7601.17713
DivX ;-) Audio,0x00200000,1,1,quartz.dll,6.06.7601.17713
GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7601.17713
Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.06.7601.17713
CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713
CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713
MP2,0x00200000,1,1,quartz.dll,6.06.7601.17713
AC3,0x00200000,1,1,quartz.dll,6.06.7601.17713
DTS,0x00200000,1,1,quartz.dll,6.06.7601.17713
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7601.17713

Audio Capture Sources:
Microphone (Realtek High Defini,0x00200000,0,0,qcap.dll,6.06.7601.17514

PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7601.17528
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7601.17713
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7601.17713

WDM Streaming Capture Devices:
Realtek HD Audio Mic input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
USB 2.0 Camera,0x00200000,1,2,ksproxy.ax,6.01.7601.17514

WDM Streaming Rendering Devices:
Realtek HDA HDMI Out,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
Realtek HD Audio output,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7601.17514

Video Capture Sources:
USB 2.0 Camera,0x00200000,1,2,ksproxy.ax,6.01.7601.17514

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7601.17669
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7601.17514

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7601.17708
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7601.17708
PTFilter,0x00200000,0,0,EncDec.dll,6.06.7601.17708
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7601.17708

WDM Streaming Communication Transforms:
Konwerter Tee/Sink-to-Sink,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

Audio Renderers:
Speaker/HP (Realtek High Defini,0x00200000,1,0,quartz.dll,6.06.7601.17713
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7601.17713
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7601.17713
DirectSound: Speaker/HP (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713

---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality)
Quality Flags: 2576
Enabled:
Force throttling
Allow half deinterlace
Allow scaling
Decode Power Usage: 100
Balanced Flags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 50
PowerFlags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 0
  • 0

#12
RKinner
Posted 06 January 2013 - 11:58 AM

RKinner

    Malware Expert

  • Expert
  • 21,024 posts
  • MVP
DirectX seems happy.

Have you tried running the game with the anti-virus paused? Could you create a process explorer log so I could see if it helps.
  • 0

#13
FpsChris
Posted 07 January 2013 - 05:10 PM

FpsChris

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
im going for holyday then i cant do everything now on my laptop. i really thank U Ron for help and when i will come back i will do everything and reply.
Kind regards
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP