VIRY.CZ

Zdravím, poslední zhruba dva týdny se mi zvyšuje teplota GPU a tím i otáčky ventilátoru grafiky, při spuštění zdánlivě nevinných aplikací - Free Rapid Downloader (java aplikace pro stahování z rapidshare apod.) nebo Firefoxu, případně starých her, ne příliš náročných na grafiku.
Nejdřív jsem měl podezření a zaprášené chladiče, tak jsem rozebral počítač a vše vyčistli, na GPU i CPU jsem dal novou teplovodivou pastu. Situace se trochu zlepšila, ale pořád to není podle mě normální.
Prosím o pomoc a kontrolu logu, jestli tam nemám něco, co tam být nemá.
Díky.

Logfile of random's system information tool 1.09 (written by random/random)
Run by MD at 2013-11-08 06:13:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 638 GB (90%) free of 706 GB
Total RAM: 8183 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:13:14, on 8.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
D:\Apps\WinCmd\TOTALCMD.EXE
D:\Portable\FirefoxPortable\FirefoxPortable.exe
D:\Portable\FirefoxPortable\App\firefox\firefox.exe
D:\Portable\FirefoxPortable\App\firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\trend micro\MD.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: Convert to Palm e-Book - C:\Program Files (x86)\WavePDB\WavePDB.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do součásti Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus (avp) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MpsSvc - Unknown owner - C:\Windows\.
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Správce zabezpečení účtů (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8753 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe" -r
C:\Windows\system32\svchost.exe -k imgsvc
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Windows\SysWOW64\vmnat.exe
"taskhost.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe" -hidden /prefetch:1
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a1c93efd-d382-4b47-86c4-dd632d979a41 -SystemEventPortName:HostProcess-60271c83-b809-460a-9852-12e0f807fef7 -IoCancelEventPortName:HostProcess-601e6e5e-3ae0-4a02-a470-9f3608dad4fb -NonStateChangingEventPortName:HostProcess-ac420c6f-0d3f-48bc-83db-34f5b794c60f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6bd042d8-8e61-440e-af10-ff126ca01376
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\explorer.exe
"D:\Apps\WinCmd\TOTALCMD.EXE"
C:\Windows\System32\svchost.exe -k swprv
taskhost.exe $(Arg0)
"D:\Portable\FirefoxPortable\FirefoxPortable.exe"
"D:\Portable\FirefoxPortable\App\firefox\firefox.exe" -profile "D:\Portable\FirefoxPortable\Data\profile"
"D:\Portable\FirefoxPortable\App\firefox\plugin-container.exe" --channel=7284.bfae500.217730961 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "D:\Portable\FirefoxPortable\App\firefox\omni.ja" -appomni "D:\Portable\FirefoxPortable\App\firefox\browser\omni.ja" -appdir "D:\Portable\FirefoxPortable\App\firefox\browser" 52112BB4F82D2DE6 7284 "\\.\pipe\gecko-crash-server-pipe.7284" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash8600.5E20CA40.14261 --host-broker-channel=Flash8600.5E20CA40.21353 --host-pid=8600 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=8784.0027F258.432693255 --proxy-stub-channel=Flash8600.5E20CA40.14261 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
"D:\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1438400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 525504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 988864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1179840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 434368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 793280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-18 10810912]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2011-12-02 318976]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2013-08-27 111696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-11-08 06:13:12 ----D---- C:\rsit
2013-11-08 05:59:04 ----D---- C:\Program Files\trend micro
2013-11-08 05:45:34 ----D---- C:\$RECYCLE.BIN
2013-11-07 21:10:51 ----D---- C:\Qoobox
2013-11-02 15:03:02 ----D---- C:\ProgramData\Steam
2013-10-22 19:26:38 ----D---- C:\Program Files (x86)\BRS
2013-10-22 19:26:08 ----D---- C:\Windows\SYSWOW64\xlive
2013-10-22 19:26:08 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-10-20 15:31:20 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2013-10-20 15:31:20 ----A---- C:\Windows\system32\vsocklib.dll
2013-10-20 15:31:20 ----A---- C:\Windows\system32\drivers\vsock.sys
2013-10-20 15:31:19 ----A---- C:\Windows\system32\drivers\vmx86.sys
2013-10-20 15:31:08 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2013-10-20 15:31:07 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2013-10-20 15:31:02 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2013-10-20 15:30:57 ----A---- C:\Windows\system32\vnetlib64.dll
2013-10-20 15:30:54 ----A---- C:\Windows\system32\drivers\hcmon.sys
2013-10-20 15:30:34 ----D---- C:\Program Files\Common Files\VMware
2013-10-20 15:30:09 ----D---- C:\Program Files (x86)\VMware
2013-10-17 20:22:38 ----D---- C:\ProgramData\Oracle
2013-10-17 20:22:33 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-17 20:22:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-17 20:22:30 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-17 20:22:30 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-12 01:25:14 ----D---- C:\Windows\ERUNT
2013-10-12 00:27:59 ----D---- C:\Program Files (x86)\SafePCRepair_89EI
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-10 19:38:21 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvir3dgenco6420172.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvinitx.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\NvIFR64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvhdap64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\NvFBC64.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvdispco6432723.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-10 19:38:21 ----A---- C:\Windows\system32\drivers\nvstusb.sys
2013-10-10 19:38:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-10 19:38:21 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

======List of files/folders modified in the last 1 month======

2013-11-08 06:13:13 ----D---- C:\Windows\Temp
2013-11-08 06:12:29 ----D---- C:\Users\MD\AppData\Roaming\Mozilla
2013-11-08 06:08:38 ----D---- C:\Windows\Prefetch
2013-11-08 06:08:12 ----AD---- C:\Windows
2013-11-08 05:59:04 ----RD---- C:\Program Files
2013-11-08 05:53:28 ----D---- C:\Windows\System32
2013-11-08 05:53:28 ----D---- C:\Windows\inf
2013-11-08 05:53:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-08 05:50:17 ----D---- C:\Windows\system32\drivers
2013-11-08 05:46:16 ----D---- C:\Users\MD\AppData\Roaming\Skype
2013-11-08 05:45:38 ----A---- C:\Windows\system.ini
2013-11-08 05:45:32 ----D---- C:\Windows\system32\drivers\etc
2013-11-08 05:45:19 ----D---- C:\ProgramData\Kaspersky Lab
2013-11-08 05:45:10 ----D---- C:\ProgramData\VMware
2013-11-08 05:45:04 ----SHD---- C:\System Volume Information
2013-11-08 05:45:02 ----D---- C:\ProgramData\NVIDIA
2013-11-08 05:42:24 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-08 05:42:24 ----D---- C:\Windows\SysWOW64
2013-11-08 05:42:24 ----D---- C:\Windows\AppPatch
2013-11-08 05:42:23 ----D---- C:\Program Files (x86)\Common Files
2013-11-07 21:17:26 ----D---- C:\ProgramData
2013-11-07 20:43:05 ----A---- C:\error.txt
2013-11-07 19:52:07 ----AD---- C:\ProgramData\Temp
2013-11-07 19:11:04 ----SHD---- C:\Windows\Installer
2013-11-05 21:38:17 ----D---- C:\Users\MD\AppData\Roaming\VMware
2013-11-05 21:30:37 ----D---- C:\Users\MD\AppData\Roaming\.oit
2013-11-02 15:03:03 ----D---- C:\Users\MD\AppData\Roaming\Milestone
2013-11-02 09:20:41 ----D---- C:\Users\MD\AppData\Roaming\Foxit Software
2013-11-01 04:25:31 ----D---- C:\Windows\system32\catroot2
2013-10-29 03:00:15 ----D---- C:\Windows\system32\FxsTmp
2013-10-26 00:16:25 ----D---- C:\ProgramData\Codemasters
2013-10-22 19:26:38 ----RD---- C:\Program Files (x86)
2013-10-22 19:26:34 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-10-22 19:26:34 ----A---- C:\Windows\system32\OpenAL32.dll
2013-10-22 19:25:05 ----D---- C:\Windows\Logs
2013-10-22 19:15:01 ----D---- C:\Users\MD\AppData\Roaming\DAEMON Tools Lite
2013-10-20 15:31:20 ----D---- C:\Windows\system32\DriverStore
2013-10-20 15:31:20 ----D---- C:\Windows\system32\catroot
2013-10-20 15:30:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-20 15:30:34 ----D---- C:\Program Files\Common Files
2013-10-20 15:29:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-19 16:38:40 ----D---- C:\Users\MD\AppData\Roaming\Media Player Classic
2013-10-19 10:17:38 ----D---- C:\Windows\SoftwareDistribution
2013-10-19 09:39:53 ----D---- C:\ProgramData\Skype
2013-10-19 09:39:52 ----RD---- C:\Program Files (x86)\Skype
2013-10-17 20:33:14 ----D---- C:\Program Files (x86)\Kaspersky Lab
2013-10-17 20:22:30 ----D---- C:\Program Files (x86)\Java
2013-10-17 20:08:48 ----D---- C:\Windows\Panther
2013-10-17 20:08:48 ----D---- C:\Users\MD\AppData\Roaming\uTorrent
2013-10-17 20:08:47 ----D---- C:\Windows\debug
2013-10-17 18:57:03 ----D---- C:\ProgramData\Microsoft Help
2013-10-12 02:57:27 ----D---- C:\Windows\Microsoft.NET
2013-10-12 01:47:58 ----D---- C:\Windows\Minidump
2013-10-12 01:10:07 ----D---- C:\Program Files (x86)\Acer
2013-10-12 01:06:33 ----RSD---- C:\Windows\assembly
2013-10-12 01:05:58 ----SD---- C:\ProgramData\Microsoft
2013-10-12 00:59:22 ----D---- C:\Program Files (x86)\TP-LINK
2013-10-12 00:52:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-12 00:52:05 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 23:31:15 ----D---- C:\Windows\system32\wdi
2013-10-10 20:17:59 ----RD---- C:\Users
2013-10-10 19:41:19 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-10 17:11:14 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-10 16:58:19 ----D---- C:\Windows\system32\config
2013-10-10 05:02:36 ----D---- C:\Windows\LiveKernelReports
2013-10-09 12:33:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-11-07 458336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-16 513080]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-08-15 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2013-08-15 73296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-04 254528]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-11-07 623200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-17 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-06-06 178784]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 6077757b;6077757b; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-08-26 53816]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-08-27 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-08-27 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-08-27 64080]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-18 2371744]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-17 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-17 29280]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2013-06-23 450848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2013-05-07 34032]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-08-27 20560]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys []
S1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2011-01-21 528464]
S1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2011-01-21 53840]
S2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
S3 ArvoFltr;ROCCAT Arvo; C:\Windows\system32\drivers\ArvoFltr.sys [2009-05-07 15872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-05-07 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-05-07 27760]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-10-17 3567488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-04-12 131856]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-03-15 106256]
S3 WinUsb;Sony Ericsson sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2013-06-08 112224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avp;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-17 214512]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 USBS3S4Detection;USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2013-08-27 86096]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-08-27 358480]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-08-26 904248]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-08-27 437328]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2013-08-27 14401104]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-05 1255736]
S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S4 nvsvc;nvsvc; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
S4 nvUpdatusService;nvUpdatusService; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]

-----------------EOF-----------------

Zdravim

Vy jste tam neco provadel s ComboFixem, ze?

Ano, přiznám se, že jsem ho spustil a nechal proběhnout. Dostal se mi do ruky dřív, než jsem tu zaregistroval a přečetl si v pravidlech, že bych ho neměl použít bez vaší rady. Je to problém ?

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Obrázek

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Log z nej uz nenajdete co?? Mel by byt c:\combofix.txt

Najdete tento soubor c:\windows\sysWOW64\cmd.exe, kliknete na nej pravym mysidlem a dejte Run As Administrator ci Spustit jako spravce, pak napiste CACLS "C:\Qoobox\BackEnv" /T /E /G Everyone:F - enter

Zabalte mi slozku c:\qoobox a nekam uploadnete

Ten log combofix.txt tam opravdu nemám.
Zabalenou složku Qoobox přikládám.

No super, muzu jen odhadovatr co CF provadel, jelikoz jste jej i odinstalovaval, ze

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Anti-Malware nainstalováno, aktualizováno a spuštěna úplná kontrola.
Výsledek:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.08.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
MD :: PREDATOR [administrátor]

Ochrana: Povolena

9.11.2013 2:41:29
MBAM-log-2013-11-09 (05-09-39).txt

Typ: Kompletní kontrola (C:\|D:\|M:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 661648
Uplynulý čas: 2 hodin, 26 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
D:\Apps\WinCmd\Plugins\wfx\IECache\IECache.wfx (Spyware.Banker) -> Nebyla provedena žádná instrukce.

(konec)

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by MD (administrator) on PREDATOR on 11-11-2013 05:25:41
Running from C:\Users\MD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Sonix Technology Co., Ltd.) C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(PortableApps.com) D:\Portable\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) D:\Portable\FirefoxPortable\App\firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) D:\Portable\FirefoxPortable\App\firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Ghisler Software GmbH) D:\Apps\WinCmd\TOTALCMD.EXE
(forum.viry.cz) C:\Users\MD\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10810912 2010-05-18] (Realtek Semiconductor)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKLM-x32\...\Run: [tsnp2uvc] - C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [318976 2011-12-02] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\MD\AppData\Roaming\Mozilla\Firefox\Profiles\ububmupp.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Portable\Foxit Reader\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Portable\Foxit Reader\App\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

==================== Services (Whitelisted) =================

R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MpsSvc; C:\Windows\System32\. [0 2013-11-11] ()
S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-11-08] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()

==================== Drivers (Whitelisted) ====================

R2 6077757b; C:\Windows\system32\drivers\regi.sys [14112 2007-04-17] (InterVideo)
S3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-07] (ROCCAT Development, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2013-03-04] (DT Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-07] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-05-07] (Sony Ericsson Mobile Communications)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3567488 2011-10-17] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-12-16] ()
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-01-21] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-01-21] (Paragon)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-03-15] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 ArcSec; system32\drivers\ArcSec.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-11 05:25 - 2013-11-11 05:25 - 00000000 ____D C:\FRST
2013-11-11 05:25 - 2013-11-11 05:23 - 01957590 _____ (Farbar) C:\Users\MD\Desktop\FRST64.exe
2013-11-11 05:25 - 2013-11-11 05:23 - 00112128 _____ (forum.viry.cz) C:\Users\MD\Desktop\FRSTLauncher.exe
2013-11-09 02:40 - 2013-11-09 02:40 - 00000000 ____D C:\Users\MD\AppData\Roaming\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-09 02:39 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-08 06:13 - 2013-11-08 06:13 - 00000000 ____D C:\rsit
2013-11-08 05:59 - 2013-11-08 06:13 - 00000000 ____D C:\Program Files\trend micro
2013-11-07 21:10 - 2013-11-08 06:07 - 00000000 ____D C:\Qoobox
2013-11-02 15:03 - 2013-11-02 15:03 - 00000000 ____D C:\ProgramData\Steam
2013-10-22 19:29 - 2013-10-22 19:29 - 00000000 ____D C:\Users\MD\Documents\My Games
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\BRS
2013-10-20 15:31 - 2013-08-27 11:42 - 00437328 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2013-10-20 15:31 - 2013-08-27 11:42 - 00358480 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2013-10-20 15:31 - 2013-08-27 11:42 - 00064080 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2013-10-20 15:31 - 2013-08-27 11:42 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2013-10-20 15:31 - 2013-08-15 17:25 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2013-10-20 15:31 - 2013-08-15 17:25 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2013-10-20 15:31 - 2013-08-15 17:25 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-10-20 15:30 - 2013-10-20 15:30 - 00002131 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files (x86)\VMware
2013-10-20 15:30 - 2013-08-27 11:42 - 00930384 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2013-10-20 15:30 - 2013-08-26 22:33 - 00053816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2013-10-19 10:17 - 2013-11-11 05:19 - 00601450 _____ C:\Windows\WindowsUpdate.log
2013-10-17 20:34 - 2013-11-11 05:15 - 00002476 _____ C:\Windows\setupact.log
2013-10-17 20:34 - 2013-10-17 20:34 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 20:33 - 2013-11-08 05:44 - 00002266 _____ C:\Windows\PFRO.log
2013-10-17 20:22 - 2013-10-17 20:22 - 00004229 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 20:22 - 2013-10-17 20:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 20:22 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 20:22 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-17 20:22 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-17 20:22 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-17 20:09 - 2013-10-17 20:09 - 00433404 _____ C:\Users\MD\Documents\cc_20131017_210929.reg
2013-10-12 01:25 - 2013-10-12 01:25 - 00000000 ____D C:\Windows\ERUNT
2013-10-12 00:27 - 2013-10-12 00:27 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI

==================== One Month Modified Files and Folders =======

2013-11-11 05:25 - 2013-11-11 05:25 - 00000000 ____D C:\FRST
2013-11-11 05:24 - 2010-12-02 19:12 - 00637214 _____ C:\Windows\system32\perfh005.dat
2013-11-11 05:24 - 2010-12-02 19:12 - 00124330 _____ C:\Windows\system32\perfc005.dat
2013-11-11 05:24 - 2009-07-14 06:13 - 01487068 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:23 - 2013-11-11 05:25 - 01957590 _____ (Farbar) C:\Users\MD\Desktop\FRST64.exe
2013-11-11 05:23 - 2013-11-11 05:25 - 00112128 _____ (forum.viry.cz) C:\Users\MD\Desktop\FRSTLauncher.exe
2013-11-11 05:23 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-11 05:23 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-11 05:19 - 2013-10-19 10:17 - 00601450 _____ C:\Windows\WindowsUpdate.log
2013-11-11 05:17 - 2011-09-14 20:01 - 00000000 ____D C:\Users\MD\AppData\Roaming\Mozilla
2013-11-11 05:16 - 2012-12-15 12:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-11 05:16 - 2011-02-06 19:43 - 00000000 ____D C:\Users\MD\AppData\Roaming\Skype
2013-11-11 05:16 - 2011-02-06 12:27 - 00000000 ____D C:\ProgramData\VMware
2013-11-11 05:15 - 2013-10-17 20:34 - 00002476 _____ C:\Windows\setupact.log
2013-11-11 05:15 - 2010-12-08 05:08 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-11 05:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 08:33 - 2013-03-01 06:05 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 03:39 - 2012-03-29 22:24 - 00000000 ____D C:\Users\MD\AppData\Roaming\.oit
2013-11-09 09:23 - 2013-07-17 03:34 - 00000157 _____ C:\error.txt
2013-11-09 04:24 - 2011-02-27 06:14 - 00000000 ____D C:\Users\MD\AppData\Roaming\Foxit Software
2013-11-09 03:33 - 2011-02-06 13:42 - 00000000 ____D C:\Users\MD\AppData\Roaming\VMware
2013-11-09 03:33 - 2011-02-06 13:42 - 00000000 ____D C:\Users\MD\AppData\Local\VMware
2013-11-09 03:28 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-09 02:40 - 2013-11-09 02:40 - 00000000 ____D C:\Users\MD\AppData\Roaming\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-09 02:39 - 2013-11-09 02:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-08 06:13 - 2013-11-08 06:13 - 00000000 ____D C:\rsit
2013-11-08 06:13 - 2013-11-08 05:59 - 00000000 ____D C:\Program Files\trend micro
2013-11-08 06:07 - 2013-11-07 21:10 - 00000000 ____D C:\Qoobox
2013-11-08 05:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-08 05:44 - 2013-10-17 20:33 - 00002266 _____ C:\Windows\PFRO.log
2013-11-07 21:11 - 2009-07-14 06:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-07 19:43 - 2013-03-06 20:54 - 00004248 _____ C:\Users\MD\Documents\TombRaider.log
2013-11-07 19:11 - 2011-02-12 01:12 - 00000000 ____D C:\Users\MD\Documents\Soubory aplikace Outlook
2013-11-07 19:10 - 2013-09-03 10:16 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-07 19:10 - 2013-05-06 08:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-11-02 15:03 - 2013-11-02 15:03 - 00000000 ____D C:\ProgramData\Steam
2013-11-02 15:03 - 2013-01-27 20:02 - 00000000 ____D C:\Users\MD\AppData\Roaming\Milestone
2013-10-26 00:22 - 2012-01-26 18:42 - 00000000 ____D C:\Users\MD\AppData\Local\Firestorm
2013-10-26 00:16 - 2011-02-21 01:15 - 00000000 ____D C:\ProgramData\Codemasters
2013-10-23 18:47 - 2011-02-05 11:29 - 00000000 ___RD C:\Users\MD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-22 19:29 - 2013-10-22 19:29 - 00000000 ____D C:\Users\MD\Documents\My Games
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-10-22 19:26 - 2013-10-22 19:26 - 00000000 ____D C:\Program Files (x86)\BRS
2013-10-22 19:26 - 2011-06-15 17:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-10-22 19:26 - 2011-02-21 01:13 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-10-22 19:15 - 2011-02-12 19:06 - 00000000 ____D C:\Users\MD\AppData\Roaming\DAEMON Tools Lite
2013-10-20 15:30 - 2013-10-20 15:30 - 00002131 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-10-20 15:30 - 2013-10-20 15:30 - 00000000 ____D C:\Program Files (x86)\VMware
2013-10-20 15:30 - 2011-02-06 12:28 - 01503682 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-20 15:29 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-19 16:38 - 2011-02-05 16:05 - 00000000 ____D C:\Users\MD\AppData\Roaming\Media Player Classic
2013-10-19 09:39 - 2013-02-05 19:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-19 09:39 - 2011-02-06 19:18 - 00000000 ____D C:\ProgramData\Skype
2013-10-18 15:00 - 2011-02-05 11:26 - 00073360 _____ C:\Users\MD\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-17 20:43 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-10-17 20:43 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-10-17 20:43 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2013-10-17 20:34 - 2013-10-17 20:34 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 20:33 - 2012-12-15 12:39 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-10-17 20:33 - 2009-07-14 05:45 - 07247768 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-17 20:30 - 2013-02-03 14:05 - 00000000 ____D C:\Users\Administrator
2013-10-17 20:22 - 2013-10-17 20:22 - 00004229 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 20:22 - 2013-10-17 20:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 20:22 - 2011-02-06 09:19 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-17 20:09 - 2013-10-17 20:09 - 00433404 _____ C:\Users\MD\Documents\cc_20131017_210929.reg
2013-10-17 20:08 - 2011-03-09 05:44 - 00000000 ____D C:\Users\MD\AppData\Roaming\uTorrent
2013-10-17 20:08 - 2011-02-05 11:25 - 00000000 ____D C:\Users\MD
2013-10-17 20:08 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2013-10-17 18:57 - 2011-02-12 00:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 04:05 - 2011-02-07 21:01 - 00007602 _____ C:\Users\MD\AppData\Local\Resmon.ResmonCfg
2013-10-12 01:47 - 2011-03-01 06:02 - 00000000 ____D C:\Windows\Minidump
2013-10-12 01:25 - 2013-10-12 01:25 - 00000000 ____D C:\Windows\ERUNT
2013-10-12 01:10 - 2010-08-26 12:38 - 00000000 ____D C:\Program Files (x86)\Acer
2013-10-12 00:59 - 2013-01-14 19:16 - 00000000 ____D C:\Program Files (x86)\TP-LINK
2013-10-12 00:52 - 2012-04-25 23:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 00:52 - 2012-04-25 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 00:27 - 2013-10-12 00:27 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-10 04:08

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:689.45 GB) (Free:623.88 GB) NTFS
Drive d: (DATA) (Fixed) (Total:689.71 GB) (Free:477.39 GB) NTFS
Drive m: (Media) (Fixed) (Total:3725.9 GB) (Free:1682.67 GB) NTFS
Drive v: (DuneHDD_b378d476_2fa2_42f0_9816_) (Network) (Total:931.22 GB) (Free:40.2 GB) NTFS

Available physical RAM: 6038.95 MB
Total physical RAM: 8183.07 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: E6C00821)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)
Disk: 1 (Size: 3726 GB) (Disk ID: 02236B64)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:D2F2F703
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

==================== Security Center ==================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MD\Desktop" je 1014 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler
C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

S3 MpsSvc; C:\Windows\System32\. [0 2013-11-11] ()
S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-11-08] ()

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:D2F2F703
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Výsledek fixu:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013 01
Ran by MD at 2013-11-11 18:50:31 Run:1
Running from C:\Users\MD\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

S3 MpsSvc; C:\Windows\System32\. [0 2013-11-11] ()
S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-11-08] ()

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:D2F2F703
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vmware-tray.exe => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKU\UpdatusUser\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
MpsSvc => Service deleted successfully.
MpsSvc => Service not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":1A60DE96" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":93EB7685" ADS removed successfully.
C:\ProgramData\Temp => ":CDFF58FE" ADS removed successfully.
C:\ProgramData\Temp => ":D2F2F703" ADS removed successfully.
C:\ProgramData\Temp => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\Temp => ":E36F5B57" ADS removed successfully.
C:\ProgramData\Temp => ":E3C56885" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

Jak se chova PC

Víceméně normálně, ale při spuštění toho java downloaderu FRD, aniž by vykonával jakoukoliv činnost, jen běží na pozadí, během cca 3 minut vyjede teplota GPU o 20-25° nahoru. S tím i otáčky ventilátoru GPU. Běžná teplota GPU bez nějaké větší zátěže se pohybuje do 50°, ale v tomto případě vyletí až na 75°. Předtím, než jsem se sem přihlásil, vybíhala na 85° i více a to výrazně rychleji. Při spuštění firefoxu se zvýší cca o 3-5°. Teplota CPU se nemění.
A ještě jsem zjistil, že nejde spustit ovládací panel nVidia - skončí to hláškou, že přestal pracovat. Ale to mohlo být předtím. Nejspíš jsem v tom panelu nějaký čas nebyl.

Zkuste preinstalovat ovladac ke graficke karte

Bohuzel s tim FRD neporadim, jsme bezpecnostni forum - muzete zkusit jejich podporu ci podobne zamerena fora

Tu grafickou kartu každopádně přeinstaluju, to není problém, stejně se objevily novější ovladače.
Na fórum FRD se podívám.
Každopádně moc děkuju za pomoc a čas, který jste mi věnoval.
Anti-malware mám odinstalovat, nebo ponechat? Nebude se to dlouhodobě bít s Kaspersky Internet Security ?

VIRY.CZ

Vysoká teplota GPU při spuštění Java

Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java

Re: Vysoká teplota GPU při spuštění Java