Falowe obciążenie procesora, 100% CPU, brak jednoznacznych procesów w menedżerze

localh0st · 5 Grudnia 2013

Witam. Problem polega następująco: mój komputer falowo osiąga 100% wykorzystania CPU (widzę to na widgecie, w menedżerze zadań i odczuwam zamulaniem). Żaden z procesów jednoznacznie nie wykorzystuje 100%, wynik się sumuje (głównie w czołówce jest Chrome, dwm.exe i proces bezczynności). Niezależnie czy uruchomię Chrome czy Operę, każda z przeglądarek wykorzystuje podobną moc obliczeniową. Wszystko uaktywniło się całkowicie przypadkiem, nie instalowałem żadnych aplikacji, jedynie system się zaktualizował (nie było w nim żadnych sterowników). Zauważyłem również, że zamulanie występuje głównie wieczorami, a problem istnieje od dwóch dni.

Dodam, że komputer nie muli w ten sposób nawet podczas wykonywania wymagających operacji (renderowanie, kopiowanie dużych plików czy kompilacja kodu).

Windows 7 x64, Thinkpad T500, grafika Intel + ATI MHD, dysk SSD z systemem + HDD, 6GB RAM, C2D p8700.

Przełączanie pomiędzy grafikami nic nie zmienia. Wyłączenie Aero również, więc wydaje mi się że nie jest to wina grafiki. Adobe Flash jest odinstalowany.

Poniżej wklejam logi z CF i HT.

ComboFix 13-12-04.04 - localh0st 2013-12-04 23:14:25.1.2 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.6040.4176 [GMT 1:00]

Uruchomiony z: c:\users\localh0st\Downloads\ComboFix.exe

AV: ESET Smart Security 6.0 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

SP: ESET Smart Security 6.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Rezydentny antywirus jest aktywny

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\LOCALH~1\AppData\Local\Temp\sfamcc00001.dll

c:\users\LOCALH~1\AppData\Local\Temp\sfareca00001.dll

c:\users\localh0st\AppData\Local\assembly\tmp

c:\users\localh0st\AppData\Local\Temp\sfamcc00001.dll

c:\users\localh0st\AppData\Local\Temp\sfareca00001.dll

.

((((((((((((((((((((((((( Pliki utworzone od 2013-11-04 do 2013-12-04 )))))))))))))))))))))))))))))))

.

2013-12-04 22:30 . 2013-12-04 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-12-04 17:47 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B746436D-1DB5-4EE4-9C74-DC9C1244E931}\mpengine.dll

2013-12-01 11:12 . 2013-12-01 11:12 -------- d-----w- c:\users\localh0st\AppData\Roaming\ControlCenter4

2013-11-30 16:01 . 2013-11-30 16:01 -------- d-----w- c:\windows\Migration

2013-11-30 16:00 . 2013-11-30 16:00 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-30 16:00 . 2013-11-30 16:00 194048 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-11-30 14:43 . 2013-11-30 14:43 999936 ----a-w- c:\program files (x86)\Internet Explorer\networkinspection.dll

2013-11-30 14:42 . 2013-11-30 14:42 23212032 ----a-w- c:\windows\system32\mshtml.dll

2013-11-30 14:29 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll

2013-11-30 14:28 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll

2013-11-30 14:28 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-11-30 14:28 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll

2013-11-30 14:28 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-11-30 14:28 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-11-30 14:28 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll

2013-11-30 14:28 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL

2013-11-29 17:18 . 2013-11-29 17:18 -------- d-----w- C:\Brother

2013-11-29 17:18 . 2013-11-29 17:18 -------- d-----w- c:\program files (x86)\Browny02

2013-11-29 17:18 . 2013-11-29 17:18 -------- d-----w- c:\programdata\ControlCenter4

2013-11-29 17:18 . 2013-11-29 17:18 -------- d-----w- c:\program files (x86)\ControlCenter4

2013-11-29 17:18 . 2012-03-19 04:09 316928 ----a-w- c:\windows\system32\NSSRH64.dll

2013-11-29 17:18 . 2012-07-27 05:07 87040 ----a-w- c:\windows\system32\BrNetSti.dll

2013-11-29 17:18 . 2012-06-12 07:38 54272 ----a-w- c:\windows\system32\Brnsplg.dll

2013-11-29 17:18 . 2012-04-11 04:27 58880 ----a-w- c:\windows\system32\BrWiaNCp.dll

2013-11-29 17:18 . 2005-04-22 04:36 143360 ----a-w- c:\windows\system32\BrSNMP64.dll

2013-11-29 17:17 . 2012-08-06 06:33 77824 ----a-w- c:\windows\SysWow64\BRLMW03A.DLL

2013-11-29 17:17 . 2012-08-06 06:33 45056 ----a-w- c:\windows\SysWow64\BRTCPCON.DLL

2013-11-29 17:17 . 2012-08-06 06:33 25299 ----a-w- c:\windows\SysWow64\BRLM03A.DLL

2013-11-29 17:17 . 2012-08-06 06:33 180224 ----a-w- c:\windows\SysWow64\BROSNMP.DLL

2013-11-29 17:17 . 2012-08-06 06:33 113744 ----a-w- c:\windows\SysWow64\BRRBTOOL.EXE

2013-11-29 17:17 . 2012-04-11 05:22 1441792 ----a-w- c:\windows\system32\BrWi212a.dll

2013-11-29 17:17 . 2011-09-08 09:36 279040 ----a-w- c:\windows\system32\BrJDec.dll

2013-11-29 17:17 . 2012-07-09 16:19 5120 ----a-w- c:\windows\SysWow64\BrDctF2S.dll

2013-11-29 17:17 . 2012-03-19 12:09 245760 ----a-w- c:\windows\SysWow64\NSSearch.dll

2013-11-29 17:17 . 2010-03-15 18:45 73728 ----a-w- c:\windows\SysWow64\BrDctF2.dll

2013-11-29 17:17 . 2007-12-13 21:16 4608 ----a-w- c:\windows\SysWow64\BrDctF2L.dll

2013-11-29 17:16 . 2013-11-29 17:19 -------- d-----w- c:\programdata\Brother

2013-11-29 17:16 . 2013-11-29 17:16 -------- d-----w- c:\users\localh0st\AppData\Roaming\InstallShield

2013-11-29 17:12 . 2013-11-29 17:18 -------- d-----w- c:\program files (x86)\Brother

2013-11-29 17:12 . 2013-11-29 17:12 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll

2013-11-29 17:12 . 2013-11-29 17:12 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll

2013-11-29 17:12 . 2004-04-18 22:42 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll

2013-11-29 17:12 . 2004-04-18 22:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll

2013-11-29 17:12 . 2004-04-18 22:39 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll

2013-11-29 17:12 . 2004-04-18 22:39 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll

2013-11-29 17:12 . 2004-04-18 22:39 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe

2013-11-29 17:12 . 2004-04-18 22:36 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll

2013-11-19 10:48 . 2013-11-19 10:48 -------- d-----w- c:\windows\obj

2013-11-17 16:57 . 2013-11-17 16:57 -------- d-----w- c:\users\localh0st\AppData\Roaming\Microsoft Corporation

2013-11-17 13:45 . 2013-11-17 13:50 -------- d-----w- c:\users\localh0st\cminstaller

2013-11-12 16:03 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll

2013-11-12 14:48 . 2013-11-12 14:48 -------- d-----w- c:\users\localh0st\AppData\Local\e-academy Inc

2013-11-12 11:52 . 2013-11-12 11:53 -------- d-----w- C:\C#

2013-11-09 18:54 . 2013-11-09 18:55 -------- d-----w- C:\UJ

2013-11-05 15:11 . 2013-12-04 22:29 -------- d-----w- c:\users\localh0st\AppData\Local\assembly

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-11-30 14:40 . 2013-08-27 11:24 82896128 ----a-w- c:\windows\system32\MRT.exe

2013-11-19 02:33 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe

2013-11-12 16:00 . 2013-10-08 13:58 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll

2013-11-12 13:45 . 2013-10-08 12:48 2049344 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll

2013-11-12 13:39 . 2013-10-01 19:20 350720 ----a-w- c:\programdata\Microsoft\VPDExpress\11.0\1033\ResourceCache.dll

2013-11-02 15:22 . 2013-11-02 12:39 222 ----a-w- c:\users\localh0st\IP_Log_Data.js

2013-11-02 15:22 . 2013-11-02 13:00 69 ----a-w- c:\users\localh0st\Network_Meter_Data.js

2013-10-30 10:52 . 2013-10-30 10:52 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2013-10-30 10:52 . 2013-10-30 10:52 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2013-10-30 10:52 . 2013-10-30 10:52 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2013-10-15 00:29 . 2013-10-15 00:29 59816 ----a-r- c:\users\localh0st\AppData\Roaming\Microsoft\Installer\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}\ARPPRODUCTICON.exe

2013-10-15 00:29 . 2013-10-15 00:29 59816 ----a-r- c:\users\localh0st\AppData\Roaming\Microsoft\Installer\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}\ARPPRODUCTICON.exe

2013-10-11 15:09 . 2013-10-11 15:09 98816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys

2013-10-11 15:09 . 2013-10-11 15:09 86016 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys

2013-10-11 15:09 . 2013-10-11 15:09 69632 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys

2013-10-11 15:09 . 2013-10-11 15:09 28672 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys

2013-10-11 15:09 . 2013-10-11 15:09 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys

2013-10-11 15:09 . 2013-10-11 15:09 212992 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys

2013-10-11 15:09 . 2013-10-11 15:09 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys

2013-10-11 15:09 . 2013-10-11 15:09 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys

2013-10-11 15:09 . 2013-10-11 15:09 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys

2013-10-11 15:09 . 2013-10-11 15:09 421376 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys

2013-10-11 15:09 . 2013-10-11 15:09 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys

2013-10-11 15:09 . 2013-10-11 15:09 222464 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys

2013-10-11 15:09 . 2013-10-11 15:09 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll

2013-10-11 15:09 . 2013-09-19 16:34 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll

2013-10-10 15:32 . 2013-10-10 15:32 119808 ----a-r- c:\users\localh0st\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe

2013-09-11 20:21 . 2013-09-11 20:21 863344 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll

2013-09-11 20:21 . 2013-09-11 20:21 501872 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll

2013-09-11 20:21 . 2013-09-11 20:21 28776 ----a-w- c:\windows\SysWow64\aspnet_counters.dll

2013-09-11 20:21 . 2013-09-11 20:21 18000 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll

2013-09-11 18:39 . 2013-09-11 18:39 855664 ----a-w- c:\windows\system32\msvcr110_clr0400.dll

2013-09-11 18:39 . 2013-09-11 18:39 614000 ----a-w- c:\windows\system32\msvcp110_clr0400.dll

2013-09-11 18:39 . 2013-09-11 18:39 30312 ----a-w- c:\windows\system32\aspnet_counters.dll

2013-09-11 18:39 . 2013-09-11 18:39 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

2013-09-11 09:48 . 2013-09-11 09:48 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2013-09-09 13:28 . 2013-09-09 13:28 925184 ----a-w- c:\windows\expstart.exe

2013-09-08 02:30 . 2013-10-16 20:01 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-09-08 02:27 . 2013-10-16 20:01 327168 ----a-w- c:\windows\system32\mswsock.dll

2013-09-08 02:03 . 2013-10-16 20:01 231424 ----a-w- c:\windows\SysWow64\mswsock.dll

2013-09-06 12:27 . 2013-10-03 14:03 238352 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2013-09-06 12:25 . 2013-10-03 14:02 119056 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2013-09-06 12:25 . 2013-09-06 12:25 146704 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2013-09-06 12:25 . 2013-09-06 12:25 131856 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2013-09-06 12:25 . 2013-09-06 12:25 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll

2013-08-27 13:35 . 2013-08-27 13:35 993384 ----a-w- c:\program files (x86)\putty.exe

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 131248 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"PWMTRV"="c:\program files (x86)\ThinkPad\Utilities\PWMTR64V.DLL" [2013-09-03 6619432]

.

c:\users\localh0st\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\localh0st\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-11-1 29769432]

Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-8-26 38072]

speedfan — skrót.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2013-3-15 4683768]

VirtuaWin — skrót.lnk - c:\program files (x86)\VirtualWin\VirtuaWin.exe [2013-8-27 135680]

WinOMeter — skrót.lnk - c:\program files (x86)\winometer\WinOMeter.exe [2013-8-27 114688]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

UltraMon.lnk - c:\windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico /auto [2013-9-9 29310]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"DisableCAD"= 1 (0x1)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]

R2 PLAY ONLINE. RunOuc;PLAY ONLINE. OUC;c:\program files (x86)\PLAY ONLINE\UpdateDog\ouc.exe;c:\program files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [x]

R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]

R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]

R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]

R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 netw5v64;Sterownik karty Intel® Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 64-bitowej;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]

R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]

R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]

R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R4 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]

S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]

S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]

S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]

S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]

S2 FPLService;TrueSuiteService;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe [x]

S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]

S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]

S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]

S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]

S3 e1yexpress;Sterownik kart Intel® Gigabit Network Connection;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]

S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]

S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]

S3 NETw5s64;Sterownik karty Intel® Wireless WiFi Link dla systemu Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

S3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]

S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]

S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]

S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]

.

--- Inne Usługi/Sterowniki w Pamięci ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-12-04 17:29 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe

.

Zawartość folderu 'Zaplanowane zadania'

.

2013-12-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3694959250-2104472188-3898954906-1000Core.job

- c:\users\localh0st\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-16 20:17]

.

2013-12-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3694959250-2104472188-3898954906-1000UA.job

- c:\users\localh0st\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-16 20:17]

.

2013-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-27 10:49]

.

2013-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-27 10:49]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 164016 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 164016 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 164016 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09 164016 ----a-w- c:\users\localh0st\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]