Problem with the csrss.exe file

freeacer
Visitor
Posts: 18
Registered: 19 Jan 2012 17:39

Problem with the csrss.exe file

#1 Post by freeacer »

Hello,
yesterday around two in the morning, after a long time (about a year), I launched Counter-Strike 1.6 and connected to the Italian non-Steam server OMONAS. Of course, the download of updates such as sounds, maps, etc. started right away; all of that was still happening inside the game, but suddenly, once the update finished, I was thrown out to Windows and a prompt appeared: do you want to install a patch: some name omonas.exe.... So of course I clicked yes and installed the patch (because I assumed it was harmless and necessary). Then I was thrown back into the game and could start playing as usual (choosing a player, weapons, etc.), but the problems began. The game stuttered; the ping was OK, but the FPS would not go above 10. I put that down to a bad server. I quit the game, shut down the PC, and went to sleep. Today around six in the evening I launched WOT and suddenly the same problem: ping OK, but the FPS would not go above 10. Whatever other game I launch (multiplayer or single-player), it is still the same problem. The games are unplayable; they stutter. I reinstalled the graphics drivers, but it did not help. I defragmented the disk, uninstalled some junk, and cleaned the registry, but the problem is still the same. So I googled and googled and googled and found out that the problem could be with this process, csrss.exe. It is a system file that takes care of managing most of the graphics instruction sets (so I read) and is often attacked by hackers. So I am asking you for advice and for a check of the log. I just need to know which program you want the log created in.
Thank you very much for any advice and replies. I am at my wits' end.

freeacer
Visitor
Posts: 18
Registered: 19 Jan 2012 17:39

Re: Problem with the csrss.exe file

#2 Post by freeacer »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Freeacer at 2013-05-03 00:38:18
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 3932 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:38:24, on 3.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\pdfconverter.com\PDF Converter Elite\3.0\pcSONPrnDisp.exe
C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
C:\Users\Freeacer\Downloads\Free_HDD_LED.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Genius\Gila\mousehid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Genius\Gila\trayicon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Freeacer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Gila] C:\Program Files (x86)\Genius\Gila\mousehid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google] C:\Users\Freeacer\AppData\Roaming\googleoez.exe
O4 - HKCU\..\Run: [PolkastLibrary] C:\Program Files (x86)\Polkast\PolkastLibrary.exe "auto"
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [Free HDD LED] C:\Users\Freeacer\Downloads\Free_HDD_LED.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifeNB.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7AA5B134-0D5A-4791-9ACA-5A809BC63D40}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{7AE213E1-0371-4DA9-8924-698E78A8145E}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B3EC6C5-7152-49BC-B900-CC0E3ED1EFA6}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E9CE964-03E7-40F8-AB6A-4B56DE1C81BB}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F7FD60A-85CC-422E-9736-2C765C8E18B7}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7B4526C-C1C6-495C-A527-39B7C88BAC93}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{B274A1EB-6717-4F58-BD3F-5E9AA52A68E2}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{C958AE3F-72C1-47B9-9EB2-DF415B502A2F}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE93B696-8EF7-463D-94BA-60DB1E843B14}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE9E0F01-8C3F-C8F6-9A31-846B61C32578}: NameServer = 93.153.117.33 93.153.117.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Users\Freeacer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SkypeGadget1.3.gadget\wrapper\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17543 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\SysWow64\IntelCpHeciSvc.exe
"C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\SysWOW64\rpcnet.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe"
"C:\Program Files (x86)\pdfconverter.com\PDF Converter Elite\3.0\pcSONPrnDisp.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Freeacer\Downloads\Free_HDD_LED.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Genius\Gila\mousehid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Genius\Gila\trayicon.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d4a7a11e-d85a-46bb-a693-123bfcbcad87 -SystemEventPortName:HostProcess-76372265-4629-4d1a-b3ec-f8befe7b7e9b -IoCancelEventPortName:HostProcess-21fd2860-e196-4687-9e60-fba33572dbd0 -NonStateChangingEventPortName:HostProcess-95ecf970-f25a-4160-828c-815d17f2f039 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4c945186-5a36-4fb9-919b-6a5046b9f0ec -DeviceGroupId:WpdFsGroup
taskmgr.exe /3
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Freeacer\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Freeacer\AppData\Roaming\Mozilla\Firefox\Profiles\m09im4s1.default

prefs.js - "browser.startup.homepage" - "https://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-27 341448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-27 341448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-27 341448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PDF Converter Elite Print Dispatcher"=C:\Program Files (x86)\pdfconverter.com\PDF Converter Elite\3.0\pcSONPrnDisp.exe [2012-01-25 335872]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 1829768]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-01 2886416]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2012-09-14 7060848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-26 6325936]
"Ashampoo HDD-Control 2 Guard"=C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [2012-07-30 3783592]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-03-22 36352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-03-22 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-03-22 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-03-22 442352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Google"=C:\Users\Freeacer\AppData\Roaming\googleoez.exe []
"PolkastLibrary"=C:\Program Files (x86)\Polkast\PolkastLibrary.exe auto []
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
"Free HDD LED"=C:\Users\Freeacer\Downloads\Free_HDD_LED.exe [2013-03-13 258560]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-12-04 773728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2012-07-27 36800]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2012-07-27 823224]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-08-15 104088]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-03-23 1105488]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-02-20 1151152]
"Driver Genius"= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]
"Gila"=C:\Program Files (x86)\Genius\Gila\mousehid.exe [2013-01-07 307712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
AVer HID Receiver.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O&O Defrag Tray.lnk - C:\Windows\Installer\{07D8F982-2B93-4805-B15D-7569023A394D}\DefragIcon.exe
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

C:\Users\Freeacer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HDDlife.lnk - C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifeNB.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-03-08 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-05-03 00:38:18 ----D---- C:\rsit
2013-05-03 00:38:18 ----D---- C:\Program Files\trend micro
2013-05-02 23:36:04 ----D---- C:\Users\Freeacer\AppData\Roaming\DriverCure
2013-05-02 23:36:03 ----D---- C:\Users\Freeacer\AppData\Roaming\ParetoLogic
2013-05-02 23:35:27 ----D---- C:\ProgramData\ParetoLogic
2013-05-02 23:35:27 ----D---- C:\Program Files (x86)\ParetoLogic
2013-05-02 23:31:20 ----D---- C:\Users\Freeacer\AppData\Roaming\Malwarebytes
2013-05-02 23:31:09 ----D---- C:\ProgramData\Malwarebytes
2013-05-02 23:31:07 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-02 23:31:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-04-28 08:52:43 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2013-04-28 08:52:43 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2013-04-27 08:22:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-24 16:42:51 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-21 21:03:52 ----D---- C:\ProgramData\Steam
2013-04-20 10:19:18 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-04-20 10:19:18 ----D---- C:\Program Files\Realtek
2013-04-20 10:18:24 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\tossaeapo64.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\toseaeapo64.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\tosasfapo64.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\tosade.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\tadefxapo.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-04-20 10:18:24 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-04-20 10:18:23 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-04-20 10:18:23 ----A---- C:\Windows\system32\SRSHP64.dll
2013-04-20 10:18:23 ----A---- C:\Windows\system32\sltech64.dll
2013-04-20 10:18:23 ----A---- C:\Windows\system32\slprp64.dll
2013-04-20 10:18:22 ----A---- C:\Windows\system32\slcnt64.dll
2013-04-20 10:18:22 ----A---- C:\Windows\system32\sl3apo64.dll
2013-04-20 10:18:21 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-04-20 10:18:21 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-04-20 10:18:21 ----A---- C:\Windows\system32\SFNHK64.dll
2013-04-20 10:18:21 ----A---- C:\Windows\system32\SFCOM64.dll
2013-04-20 10:18:21 ----A---- C:\Windows\system32\SFAPO64.dll
2013-04-20 10:18:20 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2013-04-20 10:18:19 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-04-20 10:18:19 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-04-20 10:18:18 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-04-20 10:18:17 ----A---- C:\Windows\system32\RTKSMSettingsIPC.dll
2013-04-20 10:18:17 ----A---- C:\Windows\system32\RTKSMlfx.dll
2013-04-20 10:18:16 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-04-20 10:18:16 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-04-20 10:18:15 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-04-20 10:18:15 ----A---- C:\Windows\system32\RtkApi64.dll
2013-04-20 10:18:14 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-04-20 10:18:14 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-04-20 10:18:14 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-04-20 10:18:14 ----A---- C:\Windows\system32\RTEED64A.dll
2013-04-20 10:18:14 ----A---- C:\Windows\system32\RtDataProc64.dll
2013-04-20 10:18:13 ----A---- C:\Windows\system32\RTCOM64.dll
2013-04-20 10:18:13 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-04-20 10:18:12 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-04-20 10:18:12 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-04-20 10:18:10 ----A---- C:\Windows\system32\RCoRes64.dat
2013-04-20 10:18:10 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-04-20 10:18:06 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-04-20 10:18:06 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-04-20 10:18:06 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-04-20 10:18:05 ----A---- C:\Windows\system32\R4EED64A.dll
2013-04-20 10:18:05 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-04-20 10:18:04 ----A---- C:\Windows\system32\MISS_APO.dll
2013-04-20 10:17:57 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-04-20 10:17:54 ----A---- C:\Windows\system32\MaxxAudioVnA64.dll
2013-04-20 10:17:50 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-04-20 10:17:49 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-04-20 10:17:47 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-04-20 10:17:45 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-04-20 10:17:45 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2013-04-20 10:17:45 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2013-04-20 10:17:44 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-04-20 10:17:43 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-04-20 10:17:40 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-04-20 10:17:16 ----A---- C:\Windows\system32\FMAPO64.dll
2013-04-20 10:17:16 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-04-20 10:17:15 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-04-20 10:17:12 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-04-20 10:17:12 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-04-20 10:17:11 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-04-20 10:17:09 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-04-20 10:17:09 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-04-20 10:17:08 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-04-20 10:17:07 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-04-20 10:17:07 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-04-20 10:17:07 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-04-20 10:17:06 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-04-20 10:17:06 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-04-20 10:17:05 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-04-20 10:17:04 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-04-20 10:17:01 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-04-20 10:16:57 ----A---- C:\Windows\system32\AERTAR64.dll
2013-04-20 10:16:57 ----A---- C:\Windows\system32\AERTAC64.dll
2013-04-20 10:16:07 ----D---- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2013-04-18 20:03:33 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-04-18 20:03:33 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-04-18 20:03:33 ----A---- C:\Windows\SYSWOW64\java.exe
2013-04-14 01:19:14 ----D---- C:\Users\Freeacer\AppData\Roaming\KYE Gila
2013-04-14 01:18:59 ----A---- C:\Windows\unins000.exe
2013-04-14 01:18:59 ----A---- C:\Windows\unins000.dat
2013-04-14 01:09:03 ----A---- C:\Windows\unins001.exe
2013-04-11 03:10:43 ----A---- C:\Windows\system32\drivers\athrx.sys
2013-04-10 22:52:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-10 22:52:11 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 22:52:11 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 22:52:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-10 22:52:10 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-10 22:52:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-10 22:52:10 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-10 22:52:10 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 22:52:10 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 22:52:10 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 22:52:10 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 22:52:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-10 22:52:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-10 22:52:09 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 22:52:09 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 22:52:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-10 22:52:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-10 22:52:07 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 22:52:07 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 22:52:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-10 22:52:05 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 22:52:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-10 22:52:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-10 22:52:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 22:52:03 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 22:52:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-10 22:52:01 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 22:51:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-10 22:51:57 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 22:50:30 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 22:49:41 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 22:49:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 22:49:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 22:49:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 22:49:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 22:49:31 ----A---- C:\Windows\system32\smss.exe
2013-04-10 22:49:31 ----A---- C:\Windows\system32\csrsrv.dll

======List of files/folders modified in the last 1 month======

2013-05-03 00:38:21 ----D---- C:\Windows\Temp
2013-05-03 00:38:18 ----RD---- C:\Program Files
2013-05-03 00:12:59 ----SD---- C:\Users\Freeacer\AppData\Roaming\Microsoft
2013-05-02 23:36:16 ----D---- C:\Windows\system32\Tasks
2013-05-02 23:36:15 ----D---- C:\Windows\Tasks
2013-05-02 23:35:32 ----D---- C:\Program Files (x86)\Common Files
2013-05-02 23:35:27 ----RD---- C:\Program Files (x86)
2013-05-02 23:35:27 ----HD---- C:\ProgramData
2013-05-02 23:31:07 ----D---- C:\Windows\system32\drivers
2013-05-02 23:08:41 ----D---- C:\Windows\system32\config
2013-05-02 22:34:41 ----D---- C:\Windows\inf
2013-05-02 22:34:41 ----AD---- C:\Windows\System32
2013-05-02 22:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-02 22:26:03 ----D---- C:\ProgramData\VMware
2013-05-02 22:26:00 ----A---- C:\Windows\system32\rpcnetp.exe
2013-05-02 22:25:58 ----A---- C:\Windows\SYSWOW64\rpcnet.dll
2013-05-02 20:15:20 ----D---- C:\Windows\system32\catroot
2013-05-02 20:15:04 ----D---- C:\Windows\system32\catroot2
2013-05-02 20:14:17 ----D---- C:\Windows\Prefetch
2013-05-02 20:11:52 ----D---- C:\ProgramData\DriverGenius
2013-05-02 20:06:57 ----D---- C:\Users\Freeacer\AppData\Roaming\uTorrent
2013-05-02 19:26:12 ----D---- C:\Users\Freeacer\AppData\Roaming\vlc
2013-05-02 17:05:17 ----D---- C:\Program Files (x86)\uTorrent
2013-05-01 19:56:14 ----D---- C:\Users\Freeacer\AppData\Roaming\Skype
2013-05-01 16:55:55 ----SHD---- C:\Windows\Installer
2013-05-01 16:55:55 ----D---- C:\ProgramData\Skype
2013-05-01 16:55:45 ----RD---- C:\Program Files (x86)\Skype
2013-05-01 01:01:21 ----D---- C:\ProgramData\Adobe
2013-05-01 01:01:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-30 16:35:13 ----SHD---- C:\System Volume Information
2013-04-28 08:53:02 ----D---- C:\Windows\system32\DriverStore
2013-04-28 08:52:34 ----D---- C:\Program Files (x86)\Intel
2013-04-27 08:56:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-24 16:48:33 ----D---- C:\Windows\winsxs
2013-04-24 14:38:03 ----D---- C:\Games
2013-04-22 10:16:55 ----D---- C:\Program Files (x86)\The KMPlayer
2013-04-21 20:54:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-21 12:17:30 ----HD---- C:\Windows\system32\GroupPolicy
2013-04-20 19:09:22 ----D---- C:\Windows
2013-04-20 15:24:53 ----D---- C:\Windows\Minidump
2013-04-20 10:20:03 ----HD---- C:\Program Files (x86)\Temp
2013-04-20 10:19:29 ----D---- C:\Windows\SysWOW64
2013-04-18 20:03:33 ----D---- C:\Program Files (x86)\Java
2013-04-17 18:26:42 ----A---- C:\Windows\SYSWOW64\rpcnetp.dll
2013-04-17 18:26:28 ----A---- C:\Windows\SYSWOW64\rpcnetp.exe
2013-04-14 01:28:14 ----D---- C:\Program Files\Intel
2013-04-14 01:18:59 ----D---- C:\Program Files (x86)\Genius
2013-04-10 23:16:40 ----RSD---- C:\Windows\assembly
2013-04-10 23:16:40 ----D---- C:\Windows\Microsoft.NET
2013-04-10 23:03:19 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-10 23:03:18 ----D---- C:\Program Files\Internet Explorer
2013-04-10 22:54:52 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 22:53:11 ----D---- C:\ProgramData\Microsoft Help
2013-04-08 23:53:32 ----D---- C:\Program Files (x86)\A bootable USB
2013-04-07 21:38:49 ----D---- C:\ProgramData\Blizzard Entertainment
2013-04-06 17:41:43 ----D---- C:\Program Files (x86)\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-03-22 678384]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-03-22 28656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-27 564824]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-07-06 70256]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-20 39768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-29 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 120408]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-01 52376]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2012-11-23 38392]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-08-15 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-08-15 30360]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-08-15 67224]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-03-11 3879936]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2012-02-09 78888]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 104448]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 90112]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 30720]
R3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 238080]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-03-08 5358016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-29 3379272]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-10-16 435512]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-03-20 99288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-01 425232]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2012-08-15 32920]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Freeacer\AppData\Local\Temp\ALSysIO64.sys []
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 AVerAF35;AVerMedia A835 USB DVB-T; C:\Windows\System32\Drivers\AVerAF35.sys [2012-11-29 804736]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2013-01-03 43400]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TS_ARN5416;[CommView] Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\ts_athrx.sys [2012-02-10 2813544]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-08-15 20120]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-01 37680]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-10-08 189208]
S4 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 57904]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-08-19 360448]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
R2 AVerUpdateServer;AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-10-31 167936]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 871296]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 InterBaseGuardian;InterBase Guardian; C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe [2001-11-29 32768]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-20 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-20 368600]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2012-09-14 2552176]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-02 75136]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2012-09-22 58288]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-08-15 79872]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-08-15 357016]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-08-15 435864]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-20 968880]
R3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-03-22 279024]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 InterBaseServer;InterBase Server; C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe [2001-11-29 1769472]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-01 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2009-08-24 544768]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-28 1432400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-27 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with the csrss.exe file

#3 Post by vyosek »

Hello :)

I'll just ask: are you using a legal operating system? The highest license, Ultimate, is not exactly common.
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

freeacer
Visitor
Posts: 18
Registered: 19 Jan 2012 17:39

Re: Problem with the csrss.exe file

#4 Post by freeacer »

NO. I have a downloaded clean version of WIN7 Ultimate treated with loader version 2.2.1 ... although I don't know what use this information will be to you...

JaRon
Moderator
Posts: 15717
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Problem with the csrss.exe file

#5 Post by JaRon »

it will serve us to close the door :)
illegal OS + AV = violation of the rules >> LOCK
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Locked