Zamulały komp i duże użycie procesora.

[CeTiSeK]

Siemka.

 

Mam problem z komputerem.

 

Mam duże użycie procesora po włączeniu mam 60-70 % po uruchomieniu wszystkich programów z autostartu (skype i steam ) i do tego mam spore muły na kompie przy najlżejszej czynności. Co jeszcze ta dioda na obudowie od dysku albo się ciągle świeci albo bardzo często miga (prawie ciągle się świeci).

 

Miałem ten problem na wcześniejszym systemie ten sam problem, ale jeszcze zjadało mi pamięć z dysku C: .

 

Zrobiłem formata, pierwszy dzień było OK a na drugi już dupa..

 

Liczę na pomoc.

 

Jeśli nie rozumiecie czegoś to pytajcie.

 

Procek: i5 4670

Grafika: msi r9 280x

Płyta główna: ASrock Z97 Pro 4

Twardziel: Seagate 1TB.

[DeLux394]

Spróbuj włączyć z rozruchem diagnostycznym. To Ci załaduje tylko samego windowsa bez żadnych steamów, skype'ów itp.. Być może jakiś proces(wirus?) Ci zapycha procesor. Popatrz też w menadżerze zadań w procesach co Ci zabiera najwięcej zasobów i jeśli to nie jest nic od microsoftu to wyłącz to i zobacz czy problem ustanie. 

 

Sam mam podobny komputer (tylko karta r9 270x 4GB) i wiadomo, że nie powinno tak być. Po włączeniu kompa mam 0-1% użycia procka.

[Nezvik]

Wykonaj logi FRST.

[CeTiSeK]

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015

Ran by Cetis (administrator) on CETIS-KOMPUTER on 09-01-2015 14:21:35

Running from C:\Users\Cetis\Downloads

Loaded Profile: Cetis (Available profiles: Cetis)

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)

Internet Explorer Version 11 (Default browser: Opera)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe

(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe

(Microsoft Corporation) C:\Windows\svchost.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

() C:\Program Files (x86)\screenSHU\screenSHU.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

() C:\Program Files (x86)\SourceApp\updateSourceApp.exe

() C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

() C:\Users\Cetis\AppData\Local\Temp\wintrln.exe

(TeamSpeak Systems GmbH) C:\Users\Cetis\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

() C:\Users\Cetis\AppData\Local\Temp\winjtoc.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe

(Microsoft Corporation) C:\Windows\svchost.exe

() C:\Windows\Temp\iumsvc.exe

(Microsoft Corporation) C:\Windows\svchost.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)

HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [401768 2014-02-26] (Intel Corporation)

HKLM\...\Run: [iSCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-04-03] (Intel Corporation)

HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2009952 2013-05-31] (cFos Software GmbH)

HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [216944 2008-06-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [1214264 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKU\S-1-5-21-2756393734-973016505-781420538-1000\...\Run: [ASRock A-Tuning] => [X]

HKU\S-1-5-21-2756393734-973016505-781420538-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)

HKU\S-1-5-21-2756393734-973016505-781420538-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

HKU\S-1-5-21-2756393734-973016505-781420538-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3770640 2014-03-04] (Disc Soft Ltd)

HKU\S-1-5-21-2756393734-973016505-781420538-1000\...\MountPoints2: {aa07803e-9691-11e4-aeb1-d050992681f4} - G:\SETUP.EXE

HKU\S-1-5-21-2756393734-973016505-781420538-1000\...\MountPoints2: {f0f17749-9689-11e4-8faf-806e6f6e6963} - E:\ASRSetup.exe

AlternateShell: 

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: SourceApp 1.0.0.6 -> {9f7ab9c4-4da3-440e-ba84-95903165f129} -> C:\Program Files (x86)\SourceApp\SourceAppbho.dll (SourceApp)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

 

Chrome: 

=======

CHR StartupUrls: Default -> "hxxp://www.google.com"

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File

CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Profile: C:\Users\Cetis\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (AdBlock) - C:\Users\Cetis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-07]

CHR Extension: (SourceApp) - C:\Users\Cetis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda [2015-01-08]

CHR Extension: (Google Wallet) - C:\Users\Cetis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-07]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-07-25] () [File not signed]

R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [652640 2013-05-31] (cFos Software GmbH)

S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153000 2015-01-07] (Google Inc.) [File not signed]

S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153000 2015-01-07] (Google Inc.) [File not signed]

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)

R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-03] ()

S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [280352 2014-01-17] () [File not signed]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)

R2 PowerManager; C:\Windows\svchost.exe [36352 2001-08-24] (Microsoft Corporation) [File not signed]

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)

R2 Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [529136 2015-01-09] ()

R2 Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [529136 2015-01-09] ()

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-01-07] (ASRock Incorporation)

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-07] (Disc Soft Ltd)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-03] (Intel Corporation)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-02-26] (Intel Corporation)

R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()

R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)

R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-07] (StdLib)

S3 MSICDSetup; \??\E:\CDriver64.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-01-09 14:21 - 2015-01-09 14:23 - 00014399 _____ () C:\Users\Cetis\Downloads\FRST.txt

2015-01-09 14:21 - 2015-01-09 14:21 - 00000000 ____D () C:\FRST

2015-01-09 14:18 - 2015-01-09 14:18 - 02124288 _____ (Farbar) C:\Users\Cetis\Downloads\FRST64.exe

2015-01-08 22:34 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2015-01-08 22:34 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2015-01-08 22:34 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2015-01-08 22:34 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2015-01-08 22:34 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2015-01-08 22:34 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2015-01-08 22:34 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2015-01-08 22:34 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2015-01-08 17:26 - 2015-01-09 14:01 - 00000000 ____D () C:\Users\Cetis\AppData\Local\screenSHU

2015-01-08 17:26 - 2015-01-08 17:26 - 08173583 _____ (screenSHU) C:\Users\Cetis\Downloads\screenSHU-setup.exe

2015-01-08 17:26 - 2015-01-08 17:26 - 00001059 _____ () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk

2015-01-08 17:26 - 2015-01-08 17:26 - 00001029 _____ () C:\Users\Cetis\Desktop\screenSHU.lnk

2015-01-08 17:26 - 2015-01-08 17:26 - 00000000 ____D () C:\Program Files (x86)\screenSHU

2015-01-08 14:26 - 2015-01-08 14:26 - 00003874 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420723578

2015-01-08 14:26 - 2015-01-08 14:26 - 00001145 _____ () C:\Users\Public\Desktop\Opera.lnk

2015-01-08 14:26 - 2015-01-08 14:26 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-01-08 14:26 - 2015-01-08 14:26 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Opera Software

2015-01-08 14:26 - 2015-01-08 14:26 - 00000000 ____D () C:\Users\Cetis\AppData\Local\Opera Software

2015-01-08 14:25 - 2015-01-08 14:26 - 00000000 ____D () C:\Program Files (x86)\Opera

2015-01-07 20:26 - 2015-01-07 20:26 - 00000472 __RSH () C:\ProgramData\ntuser.pol

2015-01-07 19:54 - 2015-01-07 19:54 - 01878280 _____ () C:\Users\Cetis\Downloads\wrar520.exe

2015-01-07 19:54 - 2015-01-07 19:54 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-01-07 19:54 - 2015-01-07 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-01-07 19:54 - 2015-01-07 19:54 - 00000000 ____D () C:\Program Files (x86)\WinRAR

2015-01-07 19:48 - 2015-01-08 22:41 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-01-07 19:48 - 2015-01-07 19:48 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\Cetis\Downloads\install_flash_player_16_plugin.exe

2015-01-07 19:48 - 2015-01-07 19:48 - 00737968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-07 19:48 - 2015-01-07 19:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-01-07 19:48 - 2015-01-07 19:48 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-01-07 19:48 - 2015-01-07 19:48 - 00000000 ____D () C:\Windows\SysWOW64\Macromed

2015-01-07 19:48 - 2015-01-07 19:48 - 00000000 ____D () C:\Windows\system32\Macromed

2015-01-07 19:13 - 2015-01-07 19:13 - 00000873 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk

2015-01-07 19:13 - 2015-01-07 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

2015-01-07 19:13 - 2015-01-07 19:13 - 00000000 ____D () C:\Program Files\CPUID

2015-01-07 19:12 - 2015-01-07 19:12 - 01695784 _____ ( ) C:\Users\Cetis\Downloads\cpu-z_1.71-setup-en.exe

2015-01-07 19:05 - 2015-01-07 19:05 - 00994960 _____ (Google Inc.) C:\Users\Cetis\Downloads\ChromeSetup.exe

2015-01-07 19:04 - 2015-01-07 19:04 - 05431280 _____ (Piriform Ltd) C:\Users\Cetis\Downloads\ccsetup501.exe

2015-01-07 19:01 - 2015-01-09 14:08 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\TS3Client

2015-01-07 19:01 - 2015-01-07 19:01 - 00001213 _____ () C:\Users\Cetis\Desktop\TeamSpeak 3 Client.lnk

2015-01-07 19:01 - 2015-01-07 19:01 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2015-01-07 19:01 - 2015-01-07 19:01 - 00000000 ____D () C:\Users\Cetis\AppData\Local\TeamSpeak 3 Client

2015-01-07 18:59 - 2015-01-07 18:59 - 30132752 _____ (TeamSpeak Systems GmbH) C:\Users\Cetis\Downloads\TeamSpeak3-Client-win64-3.0.16.exe

2015-01-07 18:52 - 2015-01-07 18:52 - 00139492 __RSH () C:\inwb.exe

2015-01-07 18:47 - 2015-01-07 08:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys

2015-01-07 18:44 - 2015-01-07 18:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2015-01-07 18:44 - 2015-01-07 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint

2015-01-07 18:44 - 2015-01-07 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2015-01-07 18:43 - 2015-01-07 18:43 - 00000000 ____D () C:\Windows\PCHEALTH

2015-01-07 18:43 - 2015-01-07 18:43 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services

2015-01-07 18:43 - 2015-01-07 18:43 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework

2015-01-07 18:43 - 2015-01-07 18:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition

2015-01-07 18:43 - 2015-01-07 18:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2015-01-07 18:42 - 2015-01-07 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8

2015-01-07 18:41 - 2015-01-08 22:37 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-01-07 18:41 - 2015-01-07 18:43 - 00000000 ____D () C:\Program Files\Microsoft Office

2015-01-07 18:41 - 2015-01-07 18:41 - 00000000 __RHD () C:\MSOCache

2015-01-07 18:41 - 2015-01-07 18:41 - 00000000 ____D () C:\Users\Cetis\AppData\Local\Microsoft Help

2015-01-07 18:41 - 2015-01-07 18:41 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2015-01-07 18:41 - 2015-01-07 18:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2015-01-07 18:41 - 2015-01-07 18:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2015-01-07 18:40 - 2015-01-09 14:02 - 00000000 ____D () C:\Program Files (x86)\SourceApp

2015-01-07 18:40 - 2015-01-07 18:40 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys

2015-01-07 18:40 - 2015-01-07 18:40 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\DAEMON Tools Lite

2015-01-07 18:40 - 2015-01-07 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

2015-01-07 18:40 - 2015-01-07 18:40 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite

2015-01-07 18:39 - 2015-01-07 18:40 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite

2015-01-07 18:38 - 2015-01-07 18:39 - 13543680 _____ (Disc Soft Ltd) C:\Users\Cetis\Downloads\DTLite4491-0356.exe

2015-01-07 18:37 - 2015-01-07 18:37 - 00003634 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series

2015-01-07 18:37 - 2015-01-07 18:37 - 00000057 _____ () C:\ProgramData\Ament.ini

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\HpUpdate

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\Users\Cetis\AppData\Local\HP

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\ProgramData\Visan

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\ProgramData\HP Photo Creations

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\ProgramData\HP

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\Program Files\HP

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations

2015-01-07 18:37 - 2015-01-07 18:37 - 00000000 ____D () C:\Program Files (x86)\HP

2015-01-07 18:31 - 2015-01-07 18:34 - 51381184 _____ () C:\Users\Cetis\Downloads\DJ2050_J510_1313-1.exe

2015-01-07 18:27 - 2015-01-09 14:02 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Skype

2015-01-07 18:27 - 2015-01-07 18:27 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk

2015-01-07 18:27 - 2015-01-07 18:27 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-01-07 18:27 - 2015-01-07 18:27 - 00000000 ____D () C:\Users\Cetis\AppData\Local\Skype

2015-01-07 18:27 - 2015-01-07 18:27 - 00000000 ____D () C:\ProgramData\Skype

2015-01-07 18:27 - 2015-01-07 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-01-07 18:25 - 2015-01-09 14:22 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-01-07 18:25 - 2015-01-07 18:25 - 01658464 _____ (Skype Technologies S.A.) C:\Users\Cetis\Downloads\SkypeSetup.exe

2015-01-07 18:25 - 2015-01-07 18:25 - 01260400 _____ () C:\Users\Cetis\Downloads\SteamSetup.exe

2015-01-07 18:25 - 2015-01-07 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-01-07 18:22 - 2015-01-07 18:22 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\ATI

2015-01-07 18:22 - 2015-01-07 18:22 - 00000000 ____D () C:\Users\Cetis\AppData\Local\ATI

2015-01-07 18:22 - 2015-01-07 18:22 - 00000000 ____D () C:\ProgramData\ATI

2015-01-07 18:22 - 2015-01-07 18:22 - 00000000 _____ () C:\Windows\ativpsrm.bin

2015-01-07 18:21 - 2015-01-07 18:21 - 00060957 _____ () C:\Windows\SysWOW64\CCCInstall_201501071821136118.log

2015-01-07 18:21 - 2015-01-07 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2015-01-07 18:21 - 2015-01-07 18:21 - 00000000 ____D () C:\ProgramData\AMD

2015-01-07 18:21 - 2015-01-07 18:21 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2015-01-07 18:20 - 2015-01-07 18:20 - 00000000 ____D () C:\AMD

2015-01-07 18:20 - 2013-09-24 15:53 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys

2015-01-07 18:20 - 2013-09-24 15:51 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll

2015-01-07 18:20 - 2013-09-12 03:26 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe

2015-01-07 18:20 - 2013-09-12 03:26 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe

2015-01-07 18:20 - 2013-09-12 03:26 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe

2015-01-07 18:20 - 2013-09-12 03:26 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe

2015-01-07 18:20 - 2013-09-12 03:26 - 00229888 _____ () C:\Windows\system32\clinfo.exe

2015-01-07 18:20 - 2013-09-12 03:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.20.dll

2015-01-07 18:20 - 2013-09-12 03:26 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll

2015-01-07 18:20 - 2013-09-12 03:26 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll

2015-01-07 18:20 - 2013-09-12 03:25 - 28469248 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll

2015-01-07 18:20 - 2013-09-12 03:25 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll

2015-01-07 18:20 - 2013-09-12 03:25 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll

2015-01-07 18:20 - 2013-09-12 03:23 - 24008704 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll

2015-01-07 18:20 - 2013-09-12 03:21 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2015-01-07 18:20 - 2013-09-12 03:21 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2015-01-07 18:20 - 2013-09-12 03:09 - 00555744 _____ () C:\Windows\SysWOW64\atiapfxx.blb

2015-01-07 18:20 - 2013-09-12 03:09 - 00555744 _____ () C:\Windows\system32\atiapfxx.blb

2015-01-07 18:20 - 2013-09-12 02:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll

2015-01-07 18:20 - 2013-09-12 02:26 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat

2015-01-07 18:20 - 2013-09-12 02:26 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat

2015-01-07 18:20 - 2013-09-12 02:26 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat

2015-01-07 18:20 - 2013-09-12 02:26 - 00157144 _____ () C:\Windows\system32\ativvsva.dat

2015-01-07 18:20 - 2013-08-27 21:15 - 00083392 _____ () C:\Windows\system32\ativce02.dat

2015-01-07 18:20 - 2013-07-25 22:50 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat

2015-01-07 18:20 - 2013-07-18 16:47 - 00231856 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat

2015-01-07 18:20 - 2011-09-12 23:06 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat

2015-01-07 18:20 - 2011-09-12 23:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat

2015-01-07 18:19 - 2015-01-07 18:19 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies

2015-01-07 18:19 - 2015-01-07 18:19 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2015-01-07 18:19 - 2013-08-14 03:23 - 00047427 _____ () C:\Windows\atiogl.xml

2015-01-07 18:17 - 2015-01-07 18:20 - 00000000 ____D () C:\Program Files\ATI Technologies

2015-01-07 18:17 - 2015-01-07 18:17 - 00000000 ____D () C:\Program Files\ATI

2015-01-07 18:05 - 2015-01-07 18:05 - 06668752 _____ (Microsoft Corporation) C:\Users\Cetis\Downloads\vcredist_x86 (1).exe

2015-01-07 18:04 - 2015-01-07 18:04 - 05146968 _____ (Microsoft Corporation) C:\Users\Cetis\Downloads\vcredist_x86.exe

2015-01-07 17:56 - 2015-01-07 18:01 - 368047855 _____ () C:\Users\Cetis\Downloads\amd_14.4_v78.zip

2015-01-07 17:50 - 2015-01-07 17:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf

2015-01-07 17:50 - 2014-04-03 09:53 - 00025800 _____ () C:\Windows\system32\Drivers\INETMON.sys

2015-01-07 17:49 - 2015-01-07 17:49 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk

2015-01-07 17:49 - 2015-01-07 17:49 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Macromedia

2015-01-07 17:48 - 2015-01-08 13:15 - 00007606 _____ () C:\Users\Cetis\AppData\Local\Resmon.ResmonCfg

2015-01-07 17:48 - 2015-01-07 17:49 - 00000000 ____D () C:\Program Files (x86)\Adobe

2015-01-07 17:48 - 2015-01-07 17:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

2015-01-07 17:48 - 2015-01-07 17:48 - 00000000 ____D () C:\ProgramData\Adobe

2015-01-07 17:46 - 2015-01-07 18:57 - 00002978 _____ () C:\Windows\System32\Tasks\AsrSP.exe

2015-01-07 17:46 - 2015-01-07 17:46 - 00022280 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv101.sys

2015-01-07 17:46 - 2015-01-07 17:46 - 00000000 ____D () C:\Users\Cetis\AppData\Local\cFos

2015-01-07 17:46 - 2015-01-07 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN

2015-01-07 17:46 - 2015-01-07 17:46 - 00000000 ____D () C:\ProgramData\cFos

2015-01-07 17:46 - 2015-01-07 17:46 - 00000000 ____D () C:\Program Files\ASRock

2015-01-07 17:46 - 2013-08-02 16:39 - 00040200 _____ (ASRock Inc.) C:\Windows\system32\Drivers\AsrRamDisk.sys

2015-01-07 17:46 - 2013-07-25 15:04 - 00613640 _____ () C:\Windows\system32\USBKeyCredentialProvider.dll

2015-01-07 17:46 - 2013-05-31 16:23 - 01814880 _____ (cFos Software GmbH) C:\Windows\system32\Drivers\cfosspeed6.sys

2015-01-07 17:45 - 2015-01-09 13:59 - 00000000 ____D () C:\Program Files\Google

2015-01-07 17:45 - 2015-01-07 17:45 - 00000000 ____D () C:\Windows\ASRock

2015-01-07 17:45 - 2015-01-07 17:45 - 00000000 ____D () C:\Program Files (x86)\ASRock Utility

2015-01-07 17:45 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-01-07 17:45 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-01-07 17:45 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-01-07 17:45 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-01-07 17:45 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-01-07 17:45 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-01-07 17:45 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-01-07 17:45 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-01-07 17:45 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-01-07 17:45 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-01-07 17:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-01-07 17:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-01-07 17:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-01-07 17:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-01-07 17:44 - 2015-01-09 14:10 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-01-07 17:44 - 2015-01-09 14:04 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log

2015-01-07 17:44 - 2015-01-09 14:00 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-01-07 17:44 - 2015-01-09 13:59 - 00000000 ____D () C:\Program Files (x86)\Google

2015-01-07 17:44 - 2015-01-08 13:04 - 00000000 ____D () C:\Users\Cetis\AppData\Local\Google

2015-01-07 17:44 - 2015-01-07 19:05 - 00004042 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-01-07 17:44 - 2015-01-07 19:05 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-01-07 17:44 - 2015-01-07 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility

2015-01-07 17:44 - 2015-01-07 17:48 - 00000000 ____D () C:\Program Files\ASRock Utility

2015-01-07 17:44 - 2015-01-07 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-01-07 17:44 - 2015-01-07 17:44 - 00000000 ____D () C:\Program Files (x86)\GUMD92E.tmp

2015-01-07 17:44 - 2011-11-07 10:13 - 00017192 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\AsrAppCharger.sys

2015-01-07 17:43 - 2014-02-25 06:05 - 00565560 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe

2015-01-07 17:43 - 2014-02-11 02:38 - 00003114 _____ () C:\Windows\system32\e1d62x64.din

2015-01-07 17:43 - 2014-02-05 09:46 - 00001904 ____N () C:\Windows\system32\SetupBD.din

2015-01-07 17:43 - 2014-02-03 18:26 - 00488216 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys

2015-01-07 17:43 - 2013-12-05 22:12 - 00091936 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll

2015-01-07 17:43 - 2013-11-21 20:57 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll

2015-01-07 17:43 - 2009-05-26 02:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll

2015-01-07 17:42 - 2015-01-07 17:42 - 00004660 _____ () C:\Windows\DPINST.LOG

2015-01-07 17:42 - 2015-01-07 17:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf

2015-01-07 17:42 - 2015-01-07 17:42 - 00000000 ____D () C:\Intel

2015-01-07 17:42 - 2014-02-21 06:56 - 00791024 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys

2015-01-07 17:42 - 2014-02-21 06:56 - 00370672 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys

2015-01-07 17:42 - 2014-02-21 06:56 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys

2015-01-07 17:41 - 2015-01-07 17:47 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473

2015-01-07 17:41 - 2015-01-07 17:41 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon

2015-01-07 17:40 - 2015-01-07 17:45 - 00000000 ____D () C:\Program Files (x86)\Intel

2015-01-07 17:40 - 2015-01-07 17:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2015-01-07 17:40 - 2015-01-07 17:40 - 00000000 ____D () C:\ProgramData\Intel® Update Manager

2015-01-07 17:38 - 2015-01-07 17:50 - 00000000 ____D () C:\ProgramData\Intel

2015-01-07 17:38 - 2015-01-07 17:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ___HD () C:\Program Files (x86)\Temp

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ____D () C:\Windows\system32\SRSLabs

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ____D () C:\Users\Cetis\Intel

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Intel Corporation

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ____D () C:\Program Files\Realtek

2015-01-07 17:38 - 2015-01-07 17:38 - 00000000 ____D () C:\Program Files (x86)\Realtek

2015-01-07 17:38 - 2013-07-30 13:16 - 03564376 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2015-01-07 17:38 - 2013-07-30 10:14 - 02585304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll

2015-01-07 17:38 - 2013-07-30 06:47 - 00620273 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT

2015-01-07 17:38 - 2013-07-29 11:41 - 00147672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll

2015-01-07 17:38 - 2013-07-26 07:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll

2015-01-07 17:38 - 2013-07-22 08:37 - 01004248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2015-01-07 17:38 - 2013-07-19 08:55 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll

2015-01-07 17:38 - 2013-07-18 07:48 - 02795224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2015-01-07 17:38 - 2013-07-17 09:17 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2015-01-07 17:38 - 2013-06-05 14:42 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2015-01-07 17:38 - 2013-04-24 10:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2015-01-07 17:38 - 2013-02-20 11:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2015-01-07 17:38 - 2012-06-20 10:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2015-01-07 17:38 - 2012-03-08 04:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2015-01-07 17:38 - 2012-01-30 04:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll

2015-01-07 17:38 - 2012-01-10 03:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll

2015-01-07 17:38 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2015-01-07 17:38 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll

2015-01-07 17:38 - 2011-03-17 05:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll

2015-01-07 17:38 - 2011-03-07 10:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll

2015-01-07 17:38 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2015-01-07 17:38 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2015-01-07 17:38 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2015-01-07 17:38 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2015-01-07 17:38 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2015-01-07 17:38 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2015-01-07 17:38 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2015-01-07 17:36 - 2015-01-07 17:43 - 00000000 ____D () C:\Program Files\Intel

2015-01-07 17:35 - 2015-01-07 18:19 - 00000000 ____D () C:\ProgramData\Package Cache

2015-01-07 17:33 - 2015-01-07 17:33 - 00000000 ____D () C:\Users\Cetis\Downloads\ASRSetup

2015-01-07 17:32 - 2015-01-07 17:32 - 00001433 _____ () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-01-07 17:32 - 2015-01-07 17:32 - 00000000 ____D () C:\Users\Cetis\AppData\Roaming\Adobe

2015-01-07 17:32 - 2015-01-07 17:32 - 00000000 ____D () C:\Users\Cetis\AppData\Local\VirtualStore

2015-01-07 17:31 - 2015-01-09 14:22 - 01281560 _____ () C:\Windows\WindowsUpdate.log

2015-01-07 17:31 - 2015-01-07 18:50 - 00105992 _____ () C:\Users\Cetis\AppData\Local\GDIPFONTCACHEV1.DAT

2015-01-07 17:31 - 2015-01-07 17:38 - 00000000 ____D () C:\Users\Cetis

2015-01-07 17:31 - 2015-01-07 17:31 - 00000020 ___SH () C:\Users\Cetis\ntuser.ini

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Szablony

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Menu Start

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Ustawienia lokalne

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Szablony

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Moje dokumenty

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Menu Start

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Documents\Moje wideo

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Documents\Moje obrazy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Documents\Moja muzyka

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\Dane aplikacji

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\AppData\Local\Historia

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\Users\Cetis\AppData\Local\Dane aplikacji

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Ulubione

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Szablony

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Pulpit

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Menu Start

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Dokumenty

2015-01-07 17:31 - 2015-01-07 17:31 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji

2015-01-07 17:31 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-01-07 17:31 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Cetis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-01-07 17:27 - 2015-01-07 17:27 - 00000000 ____D () C:\Windows\CSC

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-01-09 14:10 - 2009-07-14 05:45 - 00016864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-01-09 14:10 - 2009-07-14 05:45 - 00016864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-01-09 14:06 - 2011-04-12 14:21 - 00741150 _____ () C:\Windows\system32\perfh015.dat

2015-01-09 14:06 - 2011-04-12 14:21 - 00156222 _____ () C:\Windows\system32\perfc015.dat

2015-01-09 14:06 - 2009-07-14 06:13 - 01672672 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-01-09 14:01 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini

2015-01-09 14:00 - 2013-10-09 15:49 - 00030439 _____ () C:\Windows\setupact.log

2015-01-09 14:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-01-09 13:59 - 2013-10-09 15:49 - 00019160 _____ () C:\Windows\PFRO.log

2015-01-08 22:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2015-01-07 19:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy

2015-01-07 18:49 - 2009-07-14 05:45 - 00384016 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-01-07 18:44 - 2009-07-14 03:34 - 00000255 _____ () C:\Windows\system.ini

2015-01-07 18:43 - 2011-04-12 14:32 - 00000000 ____D () C:\Windows\ShellNew

2015-01-07 18:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2015-01-07 18:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2015-01-07 18:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System

2015-01-07 17:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries

2015-01-07 17:39 - 2014-01-15 17:19 - 01694952 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2015-01-07 17:38 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore

2015-01-07 17:31 - 2013-09-13 20:21 - 00000000 ____D () C:\Windows\Panther

2015-01-07 17:31 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default

2015-01-07 17:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT

2015-01-07 17:30 - 2013-10-09 15:55 - 00005949 _____ () C:\Windows\TSSysprep.log

2015-01-07 17:30 - 2013-10-09 15:55 - 00002536 _____ () C:\Windows\DtcInstall.log

2015-01-07 17:26 - 2013-10-09 16:48 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG

2015-01-07 17:26 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

C:\Windows\svchost.exe

ATTENTION ====> Check for partition/boot infection.

 

Some content of TEMP:

====================

C:\Users\Cetis\AppData\Local\Temp\AsrSP.exe

C:\Users\Cetis\AppData\Local\Temp\bitool.dll

C:\Users\Cetis\AppData\Local\Temp\IAStorIcon.exe

C:\Users\Cetis\AppData\Local\Temp\winarvhus.exe

C:\Users\Cetis\AppData\Local\Temp\winjtoc.exe

C:\Users\Cetis\AppData\Local\Temp\winkodb.exe

C:\Users\Cetis\AppData\Local\Temp\wintrln.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-01-08 22:51

 

==================== End Of Log ============================

 

 

Próbowałem odpalić w trybie awaryjnym ale zatrzymuje się na sprawdzaniu: WINDOWS/System32/drivers/CLASSPNP.sys

[Nezvik]

Jeefo, syf + jakaś inna infekcja (chyba miner). Napisałem do ciebie na gg.