
High GPU temperature when running Java


#1 Post by xsub »

Hello, for roughly the last two weeks my GPU temperature, and with it the graphics card fan speed, has been rising when I run seemingly innocent applications: Free Rapid Downloader (a Java application for downloading from Rapidshare and the like) or Firefox, or old games that are not very demanding on graphics.
At first I suspected dusty heatsinks, so I took the computer apart and cleaned everything, and I applied new thermal paste to both the GPU and the CPU. The situation improved a little, but I still don't think it is normal.
Please help and check the log to see whether there is anything in it that should not be there.
Thanks.

Logfile of random's system information tool 1.09 (written by random/random)
Run by MD at 2013-11-08 06:13:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 638 GB (90%) free of 706 GB
Total RAM: 8183 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:13:14, on 8.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
D:\Apps\WinCmd\TOTALCMD.EXE
D:\Portable\FirefoxPortable\FirefoxPortable.exe
D:\Portable\FirefoxPortable\App\firefox\firefox.exe
D:\Portable\FirefoxPortable\App\firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\trend micro\MD.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: Convert to Palm e-Book - C:\Program Files (x86)\WavePDB\WavePDB.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do součásti Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus (avp) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MpsSvc - Unknown owner - C:\Windows\.
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Správce zabezpečení účtů (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8753 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe" -r
C:\Windows\system32\svchost.exe -k imgsvc
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Windows\SysWOW64\vmnat.exe
"taskhost.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe" -hidden /prefetch:1
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a1c93efd-d382-4b47-86c4-dd632d979a41 -SystemEventPortName:HostProcess-60271c83-b809-460a-9852-12e0f807fef7 -IoCancelEventPortName:HostProcess-601e6e5e-3ae0-4a02-a470-9f3608dad4fb -NonStateChangingEventPortName:HostProcess-ac420c6f-0d3f-48bc-83db-34f5b794c60f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6bd042d8-8e61-440e-af10-ff126ca01376
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\explorer.exe
"D:\Apps\WinCmd\TOTALCMD.EXE"
C:\Windows\System32\svchost.exe -k swprv
taskhost.exe $(Arg0)
"D:\Portable\FirefoxPortable\FirefoxPortable.exe"
"D:\Portable\FirefoxPortable\App\firefox\firefox.exe" -profile "D:\Portable\FirefoxPortable\Data\profile"
"D:\Portable\FirefoxPortable\App\firefox\plugin-container.exe" --channel=7284.bfae500.217730961 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "D:\Portable\FirefoxPortable\App\firefox\omni.ja" -appomni "D:\Portable\FirefoxPortable\App\firefox\browser\omni.ja" -appdir "D:\Portable\FirefoxPortable\App\firefox\browser" 52112BB4F82D2DE6 7284 "\\.\pipe\gecko-crash-server-pipe.7284" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash8600.5E20CA40.14261 --host-broker-channel=Flash8600.5E20CA40.21353 --host-pid=8600 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=8784.0027F258.432693255 --proxy-stub-channel=Flash8600.5E20CA40.14261 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
"D:\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1438400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 525504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 988864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1179840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 434368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 793280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-18 10810912]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2011-12-02 318976]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2013-08-27 111696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-11-08 06:13:12 ----D---- C:\rsit
2013-11-08 05:59:04 ----D---- C:\Program Files\trend micro
2013-11-08 05:45:34 ----D---- C:\$RECYCLE.BIN
2013-11-07 21:10:51 ----D---- C:\Qoobox
2013-11-02 15:03:02 ----D---- C:\ProgramData\Steam
2013-10-22 19:26:38 ----D---- C:\Program Files (x86)\BRS
2013-10-22 19:26:08 ----D---- C:\Windows\SYSWOW64\xlive
2013-10-22 19:26:08 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-10-20 15:31:20 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2013-10-20 15:31:20 ----A---- C:\Windows\system32\vsocklib.dll
2013-10-20 15:31:20 ----A---- C:\Windows\system32\drivers\vsock.sys
2013-10-20 15:31:19 ----A---- C:\Windows\system32\drivers\vmx86.sys
2013-10-20 15:31:08 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2013-10-20 15:31:07 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2013-10-20 15:31:02 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2013-10-20 15:30:57 ----A---- C:\Windows\system32\vnetlib64.dll
2013-10-20 15:30:54 ----A---- C:\Windows\system32\drivers\hcmon.sys
2013-10-20 15:30:34 ----D---- C:\Program Files\Common Files\VMware
2013-10-20 15:30:09 ----D---- C:\Program Files (x86)\VMware
2013-10-17 20:22:38 ----D---- C:\ProgramData\Oracle
2013-10-17 20:22:33 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-17 20:22:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-17 20:22:30 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-17 20:22:30 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-12 01:25:14 ----D---- C:\Windows\ERUNT
2013-10-12 00:27:59 ----D---- C:\Program Files (x86)\SafePCRepair_89EI
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvir3dgenco6420172.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvinitx.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\NvIFR64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvhdap64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\NvFBC64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvdispco6432723.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\drivers\nvstusb.sys
2013-10-10 19:38:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-10 19:38:21 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

======List of files/folders modified in the last 1 month======

2013-11-08 06:13:13 ----D---- C:\Windows\Temp
2013-11-08 06:12:29 ----D---- C:\Users\MD\AppData\Roaming\Mozilla
2013-11-08 06:08:38 ----D---- C:\Windows\Prefetch
2013-11-08 06:08:12 ----AD---- C:\Windows
2013-11-08 05:59:04 ----RD---- C:\Program Files
2013-11-08 05:53:28 ----D---- C:\Windows\System32
2013-11-08 05:53:28 ----D---- C:\Windows\inf
2013-11-08 05:53:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-08 05:50:17 ----D---- C:\Windows\system32\drivers
2013-11-08 05:46:16 ----D---- C:\Users\MD\AppData\Roaming\Skype
2013-11-08 05:45:38 ----A---- C:\Windows\system.ini
2013-11-08 05:45:32 ----D---- C:\Windows\system32\drivers\etc
2013-11-08 05:45:19 ----D---- C:\ProgramData\Kaspersky Lab
2013-11-08 05:45:10 ----D---- C:\ProgramData\VMware
2013-11-08 05:45:04 ----SHD---- C:\System Volume Information
2013-11-08 05:45:02 ----D---- C:\ProgramData\NVIDIA
2013-11-08 05:42:24 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-08 05:42:24 ----D---- C:\Windows\SysWOW64
2013-11-08 05:42:24 ----D---- C:\Windows\AppPatch
2013-11-08 05:42:23 ----D---- C:\Program Files (x86)\Common Files
2013-11-07 21:17:26 ----D---- C:\ProgramData
2013-11-07 20:43:05 ----A---- C:\error.txt
2013-11-07 19:52:07 ----AD---- C:\ProgramData\Temp
2013-11-07 19:11:04 ----SHD---- C:\Windows\Installer
2013-11-05 21:38:17 ----D---- C:\Users\MD\AppData\Roaming\VMware
2013-11-05 21:30:37 ----D---- C:\Users\MD\AppData\Roaming\.oit
2013-11-02 15:03:03 ----D---- C:\Users\MD\AppData\Roaming\Milestone
2013-11-02 09:20:41 ----D---- C:\Users\MD\AppData\Roaming\Foxit Software
2013-11-01 04:25:31 ----D---- C:\Windows\system32\catroot2
2013-10-29 03:00:15 ----D---- C:\Windows\system32\FxsTmp
2013-10-26 00:16:25 ----D---- C:\ProgramData\Codemasters
2013-10-22 19:26:38 ----RD---- C:\Program Files (x86)
2013-10-22 19:26:34 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-10-22 19:26:34 ----A---- C:\Windows\system32\OpenAL32.dll
2013-10-22 19:25:05 ----D---- C:\Windows\Logs
2013-10-22 19:15:01 ----D---- C:\Users\MD\AppData\Roaming\DAEMON Tools Lite
2013-10-20 15:31:20 ----D---- C:\Windows\system32\DriverStore
2013-10-20 15:31:20 ----D---- C:\Windows\system32\catroot
2013-10-20 15:30:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-20 15:30:34 ----D---- C:\Program Files\Common Files
2013-10-20 15:29:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-19 16:38:40 ----D---- C:\Users\MD\AppData\Roaming\Media Player Classic
2013-10-19 10:17:38 ----D---- C:\Windows\SoftwareDistribution
2013-10-19 09:39:53 ----D---- C:\ProgramData\Skype
2013-10-19 09:39:52 ----RD---- C:\Program Files (x86)\Skype
2013-10-17 20:33:14 ----D---- C:\Program Files (x86)\Kaspersky Lab
2013-10-17 20:22:30 ----D---- C:\Program Files (x86)\Java
2013-10-17 20:08:48 ----D---- C:\Windows\Panther
2013-10-17 20:08:48 ----D---- C:\Users\MD\AppData\Roaming\uTorrent
2013-10-17 20:08:47 ----D---- C:\Windows\debug
2013-10-17 18:57:03 ----D---- C:\ProgramData\Microsoft Help
2013-10-12 02:57:27 ----D---- C:\Windows\Microsoft.NET
2013-10-12 01:47:58 ----D---- C:\Windows\Minidump
2013-10-12 01:10:07 ----D---- C:\Program Files (x86)\Acer
2013-10-12 01:06:33 ----RSD---- C:\Windows\assembly
2013-10-12 01:05:58 ----SD---- C:\ProgramData\Microsoft
2013-10-12 00:59:22 ----D---- C:\Program Files (x86)\TP-LINK
2013-10-12 00:52:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-12 00:52:05 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 23:31:15 ----D---- C:\Windows\system32\wdi
2013-10-10 20:17:59 ----RD---- C:\Users
2013-10-10 19:41:19 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-10 17:11:14 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-10 16:58:19 ----D---- C:\Windows\system32\config
2013-10-10 05:02:36 ----D---- C:\Windows\LiveKernelReports
2013-10-09 12:33:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-11-07 458336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-16 513080]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-08-15 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2013-08-15 73296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-04 254528]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-11-07 623200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-17 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-06-06 178784]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 6077757b;6077757b; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-08-26 53816]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-08-27 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-08-27 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-08-27 64080]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-18 2371744]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-17 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-17 29280]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2013-06-23 450848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2013-05-07 34032]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-08-27 20560]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys []
S1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2011-01-21 528464]
S1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2011-01-21 53840]
S2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
S3 ArvoFltr;ROCCAT Arvo; C:\Windows\system32\drivers\ArvoFltr.sys [2009-05-07 15872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-05-07 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-05-07 27760]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-10-17 3567488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-04-12 131856]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-03-15 106256]
S3 WinUsb;Sony Ericsson sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2013-06-08 112224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avp;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-17 214512]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 USBS3S4Detection;USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2013-08-27 86096]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-08-27 358480]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-08-26 904248]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-08-27 437328]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2013-08-27 14401104]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-05 1255736]
S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S4 nvsvc;nvsvc; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
S4 nvUpdatusService;nvUpdatusService; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]

-----------------EOF-----------------
Last edited by vyosek on 08 Nov 2013 07:59, edited 1 time in total.
Reason: log removed from code tags

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: High GPU temperature when running Java

#2 Post by vyosek »

Hello :)

→ You did something there with ComboFix, didn't you?
"Whoever has wine and doesn't drink it, whoever has grapes and doesn't eat them, whoever has a wife and doesn't kiss her, whoever avoids fun, take a whip and a stick to him; that's not a man, that's an ox."
Member since 1 February 2011.

Re: High GPU temperature when running Java

#3 Post by xsub »

Yes, I admit that I ran it and let it finish. I got hold of it before I registered here and read in the rules that I shouldn't use it without your advice. Is that a problem?

Re: High GPU temperature when running Java

#4 Post by vyosek »

→ The ComboFix license terms state clearly: "It should never be used in an environment without the supervision of an experienced person"

→ Dangers of CF
  • It is intended primarily for helpers - by using it on your own you lose your claim to support
  • It deletes traces of malware, so nothing is visible in the RSIT log
  • Its log has to be worked through to the end, because it can't delete everything - which you will hardly manage unless you are trained for it
  • CF can have a bug = it takes your system down; if you don't know where it stores what and how to restore it, your system is wrecked and a reinstall awaits you
  • Unfortunately, CF also doesn't yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those - it deletes your hal.dll after a restart = your system won't boot and you are back at the previous point = reinstall
→ You can't find its log any more, can you?? It should be c:\combofix.txt

→ Find this file c:\windows\sysWOW64\cmd.exe, right-click it and choose Run As Administrator or Spustit jako spravce, then type CACLS "C:\Qoobox\BackEnv" /T /E /G Everyone:F - enter

→ Zip up the folder c:\qoobox for me and upload it somewhere

Re: High GPU temperature when running Java

#5 Post by xsub »

I really don't have the combofix.txt log there.
I'm attaching the zipped Qoobox folder.
Attachments
Qoobox.zip
(7.36 KiB) Downloaded 33 times

Re: High GPU temperature when running Java

#6 Post by vyosek »

→ Great, I can only guess what CF did, since you also uninstalled it, right?

→ Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - don't delete anything!
  • MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment

Re: High GPU temperature when running Java

#7 Post by xsub »

Anti-Malware installed, updated, and a full scan run.
Result:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.08.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
MD :: PREDATOR [administrátor]

Ochrana: Povolena

9.11.2013 2:41:29
MBAM-log-2013-11-09 (05-09-39).txt

Typ: Kompletní kontrola (C:\|D:\|M:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 661648
Uplynulý čas: 2 hodin, 26 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
D:\Apps\WinCmd\Plugins\wfx\IECache\IECache.wfx (Spyware.Banker) -> Nebyla provedena žádná instrukce.

(konec)
Last edited by vyosek on 09 Nov 2013 06:41, edited 1 time in total.
Reason: log removed from code tags

Re: High GPU temperature when running Java

#8 Post by vyosek »

Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: High GPU temperature when running Java

#9 Post by xsub »

Log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by MD (administrator) on PREDATOR on 11-11-2013 05:25:41
Running from C:\Users\MD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Sonix Technology Co., Ltd.) C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(PortableApps.com) D:\Portable\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) D:\Portable\FirefoxPortable\App\firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) D:\Portable\FirefoxPortable\App\firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Ghisler Software GmbH) D:\Apps\WinCmd\TOTALCMD.EXE
(forum.viry.cz) C:\Users\MD\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10810912 2010-05-18] (Realtek Semiconductor)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKLM-x32\...\Run: [tsnp2uvc] - C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [318976 2011-12-02] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\MD\AppData\Roaming\Mozilla\Firefox\Profiles\ububmupp.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Portable\Foxit Reader\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Portable\Foxit Reader\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

==================== Services (Whitelisted) =================

R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MpsSvc; C:\Windows\System32\. [0 2013-11-11] ()
S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-11-08] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()

==================== Drivers (Whitelisted) ====================

R2 6077757b; C:\Windows\system32\drivers\regi.sys [14112 2007-04-17] (InterVideo)
S3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-07] (ROCCAT Development, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2013-03-04] (DT Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-07] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-05-07] (Sony Ericsson Mobile Communications)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3567488 2011-10-17] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-12-16] ()
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-01-21] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-01-21] (Paragon)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-03-15] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 ArcSec; system32\drivers\ArcSec.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-11 05:25 - 2013-11-11 05:25 - 00000000 ____D C:\FRST
2013-11-11 05:25 - 2013-11-11 05:23 - 01957590 _____ (Farbar) C:\Users\MD\Desktop\FRST64.exe
2013-11-11 05:25 - 2013-11-11 05:23 - 00112128 _____ (forum.viry.cz) C:\Users\MD\Desktop\FRSTLauncher.exe
2013-11-09 02:40 - 2013-11-09 02:40 - 00000000 ____D C:\Users\MD\AppData\Roaming\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-09 02:39 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-08 06:13 - 2013-11-08 06:13 - 00000000 ____D C:\rsit
2013-11-08 05:59 - 2013-11-08 06:13 - 00000000 ____D C:\Program Files\trend micro
2013-11-07 21:10 - 2013-11-08 06:07 - 00000000 ____D C:\Qoobox
2013-11-02 15:03 - 2013-11-02 15:03 - 00000000 ____D C:\ProgramData\Steam
2013-10-22 19:29 - 2013-10-22 19:29 - 00000000 ____D C:\Users\MD\Documents\My Games
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\BRS
2013-10-20 15:31 - 2013-08-27 11:42 - 00437328 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2013-10-20 15:31 - 2013-08-27 11:42 - 00358480 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2013-10-20 15:31 - 2013-08-27 11:42 - 00064080 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2013-10-20 15:31 - 2013-08-27 11:42 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2013-10-20 15:31 - 2013-08-15 17:25 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2013-10-20 15:31 - 2013-08-15 17:25 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2013-10-20 15:31 - 2013-08-15 17:25 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-10-20 15:30 - 2013-10-20 15:30 - 00002131 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files (x86)\VMware
2013-10-20 15:30 - 2013-08-27 11:42 - 00930384 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2013-10-20 15:30 - 2013-08-26 22:33 - 00053816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2013-10-19 10:17 - 2013-11-11 05:19 - 00601450 _____ C:\Windows\WindowsUpdate.log
2013-10-17 20:34 - 2013-11-11 05:15 - 00002476 _____ C:\Windows\setupact.log
2013-10-17 20:34 - 2013-10-17 20:34 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 20:33 - 2013-11-08 05:44 - 00002266 _____ C:\Windows\PFRO.log
2013-10-17 20:22 - 2013-10-17 20:22 - 00004229 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 20:22 - 2013-10-17 20:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 20:22 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 20:22 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-17 20:22 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-17 20:22 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-17 20:09 - 2013-10-17 20:09 - 00433404 _____ C:\Users\MD\Documents\cc_20131017_210929.reg
2013-10-12 01:25 - 2013-10-12 01:25 - 00000000 ____D C:\Windows\ERUNT
2013-10-12 00:27 - 2013-10-12 00:27 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI

==================== One Month Modified Files and Folders =======

2013-11-11 05:25 - 2013-11-11 05:25 - 00000000 ____D C:\FRST
2013-11-11 05:24 - 2010-12-02 19:12 - 00637214 _____ C:\Windows\system32\perfh005.dat
2013-11-11 05:24 - 2010-12-02 19:12 - 00124330 _____ C:\Windows\system32\perfc005.dat
2013-11-11 05:24 - 2009-07-14 06:13 - 01487068 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:23 - 2013-11-11 05:25 - 01957590 _____ (Farbar) C:\Users\MD\Desktop\FRST64.exe
2013-11-11 05:23 - 2013-11-11 05:25 - 00112128 _____ (forum.viry.cz) C:\Users\MD\Desktop\FRSTLauncher.exe
2013-11-11 05:23 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-11 05:23 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-11 05:19 - 2013-10-19 10:17 - 00601450 _____ C:\Windows\WindowsUpdate.log
2013-11-11 05:17 - 2011-09-14 20:01 - 00000000 ____D C:\Users\MD\AppData\Roaming\Mozilla
2013-11-11 05:16 - 2012-12-15 12:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-11 05:16 - 2011-02-06 19:43 - 00000000 ____D C:\Users\MD\AppData\Roaming\Skype
2013-11-11 05:16 - 2011-02-06 12:27 - 00000000 ____D C:\ProgramData\VMware
2013-11-11 05:15 - 2013-10-17 20:34 - 00002476 _____ C:\Windows\setupact.log
2013-11-11 05:15 - 2010-12-08 05:08 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-11 05:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 08:33 - 2013-03-01 06:05 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 03:39 - 2012-03-29 22:24 - 00000000 ____D C:\Users\MD\AppData\Roaming\.oit
2013-11-09 09:23 - 2013-07-17 03:34 - 00000157 _____ C:\error.txt
2013-11-09 04:24 - 2011-02-27 06:14 - 00000000 ____D C:\Users\MD\AppData\Roaming\Foxit Software
2013-11-09 03:33 - 2011-02-06 13:42 - 00000000 ____D C:\Users\MD\AppData\Roaming\VMware
2013-11-09 03:33 - 2011-02-06 13:42 - 00000000 ____D C:\Users\MD\AppData\Local\VMware
2013-11-09 03:28 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-09 02:40 - 2013-11-09 02:40 - 00000000 ____D C:\Users\MD\AppData\Roaming\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-08 06:13 - 2013-11-08 06:13 - 00000000 ____D C:\rsit
2013-11-08 06:13 - 2013-11-08 05:59 - 00000000 ____D C:\Program Files\trend micro
2013-11-08 06:07 - 2013-11-07 21:10 - 00000000 ____D C:\Qoobox
2013-11-08 05:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-08 05:44 - 2013-10-17 20:33 - 00002266 _____ C:\Windows\PFRO.log
2013-11-07 21:11 - 2009-07-14 06:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-07 19:43 - 2013-03-06 20:54 - 00004248 _____ C:\Users\MD\Documents\TombRaider.log
2013-11-07 19:11 - 2011-02-12 01:12 - 00000000 ____D C:\Users\MD\Documents\Soubory aplikace Outlook
2013-11-07 19:10 - 2013-09-03 10:16 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-07 19:10 - 2013-05-06 08:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-11-02 15:03 - 2013-11-02 15:03 - 00000000 ____D C:\ProgramData\Steam
2013-11-02 15:03 - 2013-01-27 20:02 - 00000000 ____D C:\Users\MD\AppData\Roaming\Milestone
2013-10-26 00:22 - 2012-01-26 18:42 - 00000000 ____D C:\Users\MD\AppData\Local\Firestorm
2013-10-26 00:16 - 2011-02-21 01:15 - 00000000 ____D C:\ProgramData\Codemasters
2013-10-23 18:47 - 2011-02-05 11:29 - 00000000 ___RD C:\Users\MD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-22 19:29 - 2013-10-22 19:29 - 00000000 ____D C:\Users\MD\Documents\My Games
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\BRS
2013-10-22 19:26 - 2011-06-15 17:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-10-22 19:26 - 2011-02-21 01:13 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-10-22 19:15 - 2011-02-12 19:06 - 00000000 ____D C:\Users\MD\AppData\Roaming\DAEMON Tools Lite
2013-10-20 15:30 - 2013-10-20 15:30 - 00002131 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files (x86)\VMware
2013-10-20 15:30 - 2011-02-06 12:28 - 01503682 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-20 15:29 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-19 16:38 - 2011-02-05 16:05 - 00000000 ____D C:\Users\MD\AppData\Roaming\Media Player Classic
2013-10-19 09:39 - 2013-02-05 19:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-19 09:39 - 2011-02-06 19:18 - 00000000 ____D C:\ProgramData\Skype
2013-10-18 15:00 - 2011-02-05 11:26 - 00073360 _____ C:\Users\MD\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-17 20:43 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-10-17 20:43 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-10-17 20:43 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2013-10-17 20:34 - 2013-10-17 20:34 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 20:33 - 2012-12-15 12:39 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-10-17 20:33 - 2009-07-14 05:45 - 07247768 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-17 20:30 - 2013-02-03 14:05 - 00000000 ____D C:\Users\Administrator
2013-10-17 20:22 - 2013-10-17 20:22 - 00004229 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 20:22 - 2013-10-17 20:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 20:22 - 2011-02-06 09:19 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-17 20:09 - 2013-10-17 20:09 - 00433404 _____ C:\Users\MD\Documents\cc_20131017_210929.reg
2013-10-17 20:08 - 2011-03-09 05:44 - 00000000 ____D C:\Users\MD\AppData\Roaming\uTorrent
2013-10-17 20:08 - 2011-02-05 11:25 - 00000000 ____D C:\Users\MD
2013-10-17 20:08 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2013-10-17 18:57 - 2011-02-12 00:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 04:05 - 2011-02-07 21:01 - 00007602 _____ C:\Users\MD\AppData\Local\Resmon.ResmonCfg
2013-10-12 01:47 - 2011-03-01 06:02 - 00000000 ____D C:\Windows\Minidump
2013-10-12 01:25 - 2013-10-12 01:25 - 00000000 ____D C:\Windows\ERUNT
2013-10-12 01:10 - 2010-08-26 12:38 - 00000000 ____D C:\Program Files (x86)\Acer
2013-10-12 00:59 - 2013-01-14 19:16 - 00000000 ____D C:\Program Files (x86)\TP-LINK
2013-10-12 00:52 - 2012-04-25 23:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 00:52 - 2012-04-25 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 00:27 - 2013-10-12 00:27 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 04:08




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:689.45 GB) (Free:623.88 GB) NTFS
Drive d: (DATA) (Fixed) (Total:689.71 GB) (Free:477.39 GB) NTFS
Drive m: (Media) (Fixed) (Total:3725.9 GB) (Free:1682.67 GB) NTFS
Drive v: (DuneHDD_b378d476_2fa2_42f0_9816_) (Network) (Total:931.22 GB) (Free:40.2 GB) NTFS

Available physical RAM: 6038.95 MB
Total physical RAM: 8183.07 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: E6C00821)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)
Disk: 1 (Size: 3726 GB) (Disk ID: 02236B64)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:D2F2F703
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

==================== Security Center ==================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MD\Desktop" je 1014 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler
C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(7.02 KiB) Downloaded 31 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: High GPU temperature when launching Java

#10 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
    HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
    HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
    HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
    HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    
    S3 MpsSvc; C:\Windows\System32\. [0 2013-11-11] ()
    S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-11-08] ()
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    
    AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
    AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
    AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
    AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
    AlternateDataStreams: C:\ProgramData\Temp:798A3728
    AlternateDataStreams: C:\ProgramData\Temp:93EB7685
    AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
    AlternateDataStreams: C:\ProgramData\Temp:D2F2F703
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
    AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
    AlternateDataStreams: C:\ProgramData\Temp:E3C56885
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

xsub
Visitor
Posts: 10
Joined: 08 Nov 2013 06:01

Re: High GPU temperature when launching Java

#11 Post by xsub »

Fix result:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013 01
Ran by MD at 2013-11-11 18:50:31 Run:1
Running from C:\Users\MD\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

S3 MpsSvc; C:\Windows\System32\. [0 2013-11-11] ()
S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-11-08] ()

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:D2F2F703
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vmware-tray.exe => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKU\UpdatusUser\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
MpsSvc => Service deleted successfully.
MpsSvc => Service not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":1A60DE96" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":93EB7685" ADS removed successfully.
C:\ProgramData\Temp => ":CDFF58FE" ADS removed successfully.
C:\ProgramData\Temp => ":D2F2F703" ADS removed successfully.
C:\ProgramData\Temp => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\Temp => ":E36F5B57" ADS removed successfully.
C:\ProgramData\Temp => ":E3C56885" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: High GPU temperature when launching Java

#12 Post by vyosek »

How is the PC behaving? :???:

xsub
Visitor
Posts: 10
Joined: 08 Nov 2013 06:01

Re: High GPU temperature when launching Java

#13 Post by xsub »

More or less normally, but when I launch that Java downloader FRD, without it doing any work at all, just running in the background, the GPU temperature climbs by 20-25° within about 3 minutes. The GPU fan speed goes up with it. The normal GPU temperature without any significant load stays under 50°, but in this case it shoots up to 75°. Before I signed up here, it was climbing to 85° and more, and noticeably faster. When I launch Firefox it rises by about 3-5°. The CPU temperature does not change.
I also found that the nVidia control panel will not start - it ends with a message that it has stopped working. But that could have been the case before. I probably had not opened that panel for some time.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: High GPU temperature when launching Java

#14 Post by vyosek »

:arrow: Try reinstalling the graphics card driver

:arrow: Unfortunately I can't advise on FRD, we are a security forum - you can try their support or forums with a similar focus

xsub
Visitor
Posts: 10
Joined: 08 Nov 2013 06:01

Re: High GPU temperature when launching Java

#15 Post by xsub »

I will reinstall the graphics card in any case, that's no problem, newer drivers have come out anyway.
I will take a look at the FRD forum.
In any case, thank you very much for the help and the time you gave me.
Should I uninstall Anti-Malware or keep it? Won't it clash with Kaspersky Internet Security in the long run?

Locked