Prosím zkontrolovat log
Napsal: 22 úno 2012 18:28
Dobry den, prosím o kontrolu logu, na notebooku ihned po přihlášení jede výkon na 100%, stránky na internetu se načítají věčně nebo se vůbec nezobrazí přičemž připojení internetu na PC jede v pohodě. Pročištěno CCleanerem a Nodem32 bez odezvy. Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Xawier at 2012-02-22 18:13:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 58 GB (24%) free of 237 GB
Total RAM: 3957 MB (53% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 35729504
\??\C:\windows\system32\conhost.exe "365104677940195687-129866892511298205051204159706-1736939326813691034222850900
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\windows\system32\PrintCtrl.exe
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1864
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
taskeng.exe {497E015F-7C93-4EB7-9184-D9A3B13A9BC7}
taskeng.exe {0535411C-26CD-4289-A758-9FE31E682407}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe" /h
"C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe" hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\sppsvc.exe
"C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled
"C:\Program Files (x86)\The KMPlayer\KMPlayer.exe" "C:\Users\Xawier\Desktop\Robin-Hood-01x09-Něco-málo-o-loajalitě.avi"
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 7B630E20-7A05-48AE-0881-6453C98B61B2 -Reinvoke
"C:\Users\Xawier\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
=========Mozilla firefox=========
ProfilePath - C:\Users\Xawier\AppData\Roaming\Mozilla\Firefox\Profiles\s2mg9x32.default
prefs.js - "keyword.URL" - "http://search.hotspotshield.com/g/results.php?c=s&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Xawier\AppData\Roaming\Mozilla\Firefox\Profiles\s2mg9x32.default\extensions\
yasearch@yandex.ru
{800b5000-a755-47e1-992b-48a1c1357f07}
{ce10bf86-da68-441e-91fa-38336363e3cd}
C:\Users\Xawier\AppData\Roaming\Mozilla\Firefox\Profiles\s2mg9x32.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-12-25 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
Samsung BHO Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25 1973760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-18 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce10bf86-da68-441e-91fa-38336363e3cd}]
Movier-media Toolbar - C:\Program Files (x86)\Movier-media\tbMovi.dll [2010-03-09 2355224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{ce10bf86-da68-441e-91fa-38336363e3cd} - Movier-media Toolbar - C:\Program Files (x86)\Movier-media\tbMovi.dll [2010-03-09 2355224]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-12-25 798771]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-01 11660904]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-31 2581384]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-08 4030008]
"PrintDisp"=C:\windows\system32\PrintDisp.exe [2011-02-19 826368]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.6\ICQ.exe [2011-10-10 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk [2011-10-18 2419]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Xawier^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-02-22 18:13:38 ----D---- C:\rsit
2012-02-22 18:13:38 ----D---- C:\Program Files\trend micro
2012-02-22 17:40:21 ----D---- C:\ProgramData\VS
2012-02-22 16:48:33 ----D---- C:\Users\Xawier\AppData\Roaming\Origin
2012-02-22 16:48:11 ----D---- C:\ProgramData\Origin
2012-02-22 16:48:10 ----D---- C:\Program Files (x86)\Origin Games
2012-02-22 16:47:28 ----D---- C:\Program Files (x86)\Origin
2012-02-22 15:53:40 ----D---- C:\ProgramData\Electronic Arts
2012-02-22 12:59:29 ----D---- C:\Program Files (x86)\Microsoft WSE
2012-02-22 12:48:53 ----D---- C:\Program Files (x86)\Electronic Arts
2012-02-22 12:00:45 ----D---- C:\ProgramData\Youdagames
2012-02-22 12:00:45 ----D---- C:\Program Files (x86)\Youdagames
2012-02-14 11:15:40 ----D---- C:\Program Files (x86)\Diablo III Beta
2012-02-13 13:51:36 ----D---- C:\windows\system32\RsFx
2012-02-13 13:50:52 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2012-02-13 13:46:41 ----D---- C:\Program Files\Microsoft SQL Server
2012-02-13 13:46:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2012-02-13 13:45:55 ----D---- C:\Program Files\Microsoft Sync Framework
2012-02-13 13:45:49 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-02-13 13:45:49 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-02-13 13:45:43 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-02-13 13:44:10 ----D---- C:\ProgramData\PreEmptive Solutions
2012-02-13 13:37:56 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2012-02-13 13:37:46 ----D---- C:\Program Files\IIS
2012-02-13 13:28:46 ----D---- C:\Program Files (x86)\Microsoft F#
2012-02-13 13:28:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-02-13 13:26:35 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-02-13 13:26:18 ----D---- C:\Program Files\Microsoft Help Viewer
2012-02-13 13:26:18 ----D---- C:\Program Files (x86)\Microsoft SDKs
2012-02-13 11:03:57 ----D---- C:\ProgramData\Blizzard Entertainment
2012-02-13 08:57:35 ----D---- C:\ProgramData\Battle.net
2012-02-06 18:57:30 ----D---- C:\ProgramData\Symantec
2012-02-06 16:51:29 ----D---- C:\windows\SYSWOW64\Adobe
2012-02-03 19:51:20 ----D---- C:\Users\Xawier\AppData\Roaming\Telefónica Móviles
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewusbnet.sys
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewusbmdm.sys
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewusbdev.sys
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewdcsc.sys
2012-02-03 19:50:26 ----D---- C:\Program Files (x86)\O2
2012-01-27 10:52:32 ----D---- C:\windows\pss
2012-01-25 18:40:16 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-01-25 18:40:16 ----A---- C:\windows\system32\schannel.dll
2012-01-25 18:40:16 ----A---- C:\windows\system32\lsasrv.dll
2012-01-25 18:40:16 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-01-25 18:40:16 ----A---- C:\windows\system32\drivers\ksecdd.sys
2012-01-25 18:40:16 ----A---- C:\windows\system32\drivers\cng.sys
2012-01-25 18:40:15 ----A---- C:\windows\SYSWOW64\webio.dll
2012-01-25 18:40:15 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-01-25 18:40:15 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\webio.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\sspisrv.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\sspicli.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\secur32.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\lsass.exe
2012-01-24 21:02:23 ----D---- C:\ProgramData\ALM
2012-01-24 20:22:50 ----N---- C:\windows\system32\drivers\PxHlpa64.sys
2012-01-24 20:22:50 ----N---- C:\windows\system32\drivers\cdralw2k.sys
2012-01-24 20:22:50 ----N---- C:\windows\system32\drivers\cdr4_xp.sys
2012-01-24 20:22:49 ----D---- C:\Program Files (x86)\My Company Name
======List of files/folders modified in the last 1 month======
2012-02-22 18:13:44 ----D---- C:\windows\Temp
2012-02-22 18:13:38 ----RD---- C:\Program Files
2012-02-22 18:12:49 ----SHD---- C:\windows\Installer
2012-02-22 18:12:49 ----SHD---- C:\Config.Msi
2012-02-22 18:12:49 ----RSD---- C:\windows\assembly
2012-02-22 18:11:21 ----D---- C:\windows\system32\catroot
2012-02-22 18:11:07 ----D---- C:\windows\system32\catroot2
2012-02-22 18:10:58 ----D---- C:\windows\winsxs
2012-02-22 18:07:31 ----D---- C:\Users\Xawier\AppData\Roaming\ICQ
2012-02-22 18:06:37 ----D---- C:\windows\System32
2012-02-22 18:06:37 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-02-22 18:06:36 ----D---- C:\windows\inf
2012-02-22 18:02:45 ----SHD---- C:\System Volume Information
2012-02-22 18:02:15 ----D---- C:\windows\tracing
2012-02-22 18:00:57 ----A---- C:\windows\SYSWOW64\log.txt
2012-02-22 17:59:11 ----D---- C:\windows\system32\config
2012-02-22 17:58:08 ----D---- C:\windows\Tasks
2012-02-22 17:58:08 ----D---- C:\windows\SysWOW64
2012-02-22 17:58:08 ----D---- C:\windows\system32\wfp
2012-02-22 17:58:07 ----D---- C:\Windows
2012-02-22 17:58:07 ----D---- C:\Program Files\Internet Explorer
2012-02-22 17:57:50 ----D---- C:\windows\system32\wbem
2012-02-22 17:56:37 ----D---- C:\windows\SYSWOW64\wbem
2012-02-22 17:56:37 ----D---- C:\windows\SYSWOW64\migration
2012-02-22 17:56:37 ----D---- C:\windows\system32\migration
2012-02-22 17:56:37 ----D---- C:\windows\system32\DriverStore
2012-02-22 17:56:37 ----D---- C:\windows\system32\drivers
2012-02-22 17:56:37 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-22 17:56:35 ----D---- C:\windows\system32\drivers\UMDF
2012-02-22 17:56:35 ----D---- C:\windows\system32\CodeIntegrity
2012-02-22 17:56:26 ----D---- C:\windows\AppCompat
2012-02-22 17:56:25 ----HD---- C:\ProgramData
2012-02-22 17:56:25 ----D---- C:\ProgramData\Xfire
2012-02-22 17:56:25 ----D---- C:\ProgramData\WinClon
2012-02-22 17:56:25 ----D---- C:\ProgramData\WildTangent
2012-02-22 17:56:25 ----D---- C:\ProgramData\Temp
2012-02-22 17:56:25 ----D---- C:\ProgramData\Skype
2012-02-22 17:56:25 ----D---- C:\ProgramData\SAMSUNG
2012-02-22 17:56:25 ----D---- C:\ProgramData\Norton
2012-02-22 17:56:24 ----D---- C:\ProgramData\Microsoft Help
2012-02-22 17:56:24 ----D---- C:\ProgramData\LangSoft
2012-02-22 17:56:24 ----D---- C:\ProgramData\CyberLink
2012-02-22 17:56:24 ----D---- C:\ProgramData\Apple Computer
2012-02-22 17:56:24 ----D---- C:\ProgramData\Apple
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)\WinDjView
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)\WildTangent Games
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)\WildGames
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)
2012-02-22 17:56:21 ----D---- C:\Program Files (x86)\Opera
2012-02-22 17:56:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-02-22 17:56:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-02-22 17:56:20 ----D---- C:\Program Files (x86)\Microsoft Works
2012-02-22 17:56:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-22 17:56:18 ----D---- C:\Program Files (x86)\FreeTime
2012-02-22 17:56:18 ----D---- C:\Program Files (x86)\Free PDF to Word Converter
2012-02-22 17:53:13 ----D---- C:\windows\registration
2012-02-22 17:51:27 ----D---- C:\windows\Microsoft.NET
2012-02-22 17:48:53 ----SD---- C:\Users\Xawier\AppData\Roaming\Microsoft
2012-02-22 17:47:19 ----SD---- C:\ProgramData\Microsoft
2012-02-22 17:47:17 ----D---- C:\ProgramData\ICQ
2012-02-22 17:47:13 ----D---- C:\ProgramData\ESET
2012-02-22 17:47:11 ----D---- C:\ProgramData\Adobe
2012-02-22 17:47:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-22 17:46:12 ----D---- C:\Program Files (x86)\MSBuild
2012-02-22 17:45:19 ----D---- C:\Program Files (x86)\Common Files
2012-02-22 16:36:24 ----D---- C:\Users\Xawier\AppData\Roaming\DAEMON Tools Lite
2012-02-22 16:22:39 ----D---- C:\windows\ModemLogs
2012-02-22 16:22:38 ----D---- C:\windows\debug
2012-02-22 11:58:30 ----D---- C:\windows\Prefetch
2012-02-08 19:06:07 ----D---- C:\Users\Xawier\AppData\Roaming\Skype
2012-02-06 19:02:07 ----D---- C:\windows\system32\Tasks
2012-01-29 05:10:42 ----N---- C:\windows\system32\MpSigStub.exe
2012-01-27 11:01:26 ----D---- C:\windows\Panther
2012-01-27 11:01:24 ----D---- C:\windows\Logs
2012-01-27 11:00:04 ----D---- C:\Program Files\CCleaner
2012-01-27 10:58:01 ----D---- C:\Users\Xawier\AppData\Roaming\Yandex
2012-01-27 10:56:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-27 10:56:02 ----D---- C:\MMVI
2012-01-25 18:33:58 ----RSD---- C:\windows\Fonts
2012-01-24 21:11:12 ----D---- C:\Users\Xawier\AppData\Roaming\Adobe
2012-01-24 21:05:21 ----D---- C:\Program Files\Common Files\Adobe
2012-01-24 21:04:12 ----D---- C:\Program Files\Adobe
2012-01-24 21:03:34 ----D---- C:\Program Files (x86)\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-04-27 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-18 270912]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2010-10-07 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-07-29 3065408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-09-21 348712]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-08-21 106536]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-09-14 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-11-10 31088]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-08-31 118664]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2011-10-11 33344]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-12-01 2647528]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-03-10 86120]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2011-11-11 82048]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-25 409192]
R3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 usbsmi;WebCam SCX Series Service Display Name V1; C:\windows\system32\DRIVERS\SMIksdrv.sys [2010-09-15 206336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2011-08-13 15144]
S3 taphss;Anchorfree HSS Adapter; C:\windows\system32\DRIVERS\taphss.sys [2011-12-16 37888]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-10-22 953632]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-08 974944]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-03-06 993896]
R2 Printer Control;Printer Control; C:\windows\system32\PrintCtrl.exe [2011-01-03 77824]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Samsung UPD Service;Samsung UPD Service; C:\windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-09-13 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Xawier at 2012-02-22 18:13:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 58 GB (24%) free of 237 GB
Total RAM: 3957 MB (53% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 35729504
\??\C:\windows\system32\conhost.exe "365104677940195687-129866892511298205051204159706-1736939326813691034222850900
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\windows\system32\PrintCtrl.exe
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1864
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
taskeng.exe {497E015F-7C93-4EB7-9184-D9A3B13A9BC7}
taskeng.exe {0535411C-26CD-4289-A758-9FE31E682407}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe" /h
"C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe" hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\sppsvc.exe
"C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled
"C:\Program Files (x86)\The KMPlayer\KMPlayer.exe" "C:\Users\Xawier\Desktop\Robin-Hood-01x09-Něco-málo-o-loajalitě.avi"
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 7B630E20-7A05-48AE-0881-6453C98B61B2 -Reinvoke
"C:\Users\Xawier\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
=========Mozilla firefox=========
ProfilePath - C:\Users\Xawier\AppData\Roaming\Mozilla\Firefox\Profiles\s2mg9x32.default
prefs.js - "keyword.URL" - "http://search.hotspotshield.com/g/results.php?c=s&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Xawier\AppData\Roaming\Mozilla\Firefox\Profiles\s2mg9x32.default\extensions\
yasearch@yandex.ru
{800b5000-a755-47e1-992b-48a1c1357f07}
{ce10bf86-da68-441e-91fa-38336363e3cd}
C:\Users\Xawier\AppData\Roaming\Mozilla\Firefox\Profiles\s2mg9x32.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-12-25 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
Samsung BHO Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25 1973760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-18 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce10bf86-da68-441e-91fa-38336363e3cd}]
Movier-media Toolbar - C:\Program Files (x86)\Movier-media\tbMovi.dll [2010-03-09 2355224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{ce10bf86-da68-441e-91fa-38336363e3cd} - Movier-media Toolbar - C:\Program Files (x86)\Movier-media\tbMovi.dll [2010-03-09 2355224]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-12-25 798771]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-01 11660904]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-31 2581384]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-08 4030008]
"PrintDisp"=C:\windows\system32\PrintDisp.exe [2011-02-19 826368]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.6\ICQ.exe [2011-10-10 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk [2011-10-18 2419]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Xawier^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-02-22 18:13:38 ----D---- C:\rsit
2012-02-22 18:13:38 ----D---- C:\Program Files\trend micro
2012-02-22 17:40:21 ----D---- C:\ProgramData\VS
2012-02-22 16:48:33 ----D---- C:\Users\Xawier\AppData\Roaming\Origin
2012-02-22 16:48:11 ----D---- C:\ProgramData\Origin
2012-02-22 16:48:10 ----D---- C:\Program Files (x86)\Origin Games
2012-02-22 16:47:28 ----D---- C:\Program Files (x86)\Origin
2012-02-22 15:53:40 ----D---- C:\ProgramData\Electronic Arts
2012-02-22 12:59:29 ----D---- C:\Program Files (x86)\Microsoft WSE
2012-02-22 12:48:53 ----D---- C:\Program Files (x86)\Electronic Arts
2012-02-22 12:00:45 ----D---- C:\ProgramData\Youdagames
2012-02-22 12:00:45 ----D---- C:\Program Files (x86)\Youdagames
2012-02-14 11:15:40 ----D---- C:\Program Files (x86)\Diablo III Beta
2012-02-13 13:51:36 ----D---- C:\windows\system32\RsFx
2012-02-13 13:50:52 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2012-02-13 13:46:41 ----D---- C:\Program Files\Microsoft SQL Server
2012-02-13 13:46:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2012-02-13 13:45:55 ----D---- C:\Program Files\Microsoft Sync Framework
2012-02-13 13:45:49 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-02-13 13:45:49 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-02-13 13:45:43 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-02-13 13:44:10 ----D---- C:\ProgramData\PreEmptive Solutions
2012-02-13 13:37:56 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2012-02-13 13:37:46 ----D---- C:\Program Files\IIS
2012-02-13 13:28:46 ----D---- C:\Program Files (x86)\Microsoft F#
2012-02-13 13:28:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-02-13 13:26:35 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-02-13 13:26:18 ----D---- C:\Program Files\Microsoft Help Viewer
2012-02-13 13:26:18 ----D---- C:\Program Files (x86)\Microsoft SDKs
2012-02-13 11:03:57 ----D---- C:\ProgramData\Blizzard Entertainment
2012-02-13 08:57:35 ----D---- C:\ProgramData\Battle.net
2012-02-06 18:57:30 ----D---- C:\ProgramData\Symantec
2012-02-06 16:51:29 ----D---- C:\windows\SYSWOW64\Adobe
2012-02-03 19:51:20 ----D---- C:\Users\Xawier\AppData\Roaming\Telefónica Móviles
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewusbnet.sys
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewusbmdm.sys
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewusbdev.sys
2012-02-03 19:50:44 ----A---- C:\windows\system32\drivers\ewdcsc.sys
2012-02-03 19:50:26 ----D---- C:\Program Files (x86)\O2
2012-01-27 10:52:32 ----D---- C:\windows\pss
2012-01-25 18:40:16 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-01-25 18:40:16 ----A---- C:\windows\system32\schannel.dll
2012-01-25 18:40:16 ----A---- C:\windows\system32\lsasrv.dll
2012-01-25 18:40:16 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-01-25 18:40:16 ----A---- C:\windows\system32\drivers\ksecdd.sys
2012-01-25 18:40:16 ----A---- C:\windows\system32\drivers\cng.sys
2012-01-25 18:40:15 ----A---- C:\windows\SYSWOW64\webio.dll
2012-01-25 18:40:15 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-01-25 18:40:15 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\webio.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\sspisrv.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\sspicli.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\secur32.dll
2012-01-25 18:40:15 ----A---- C:\windows\system32\lsass.exe
2012-01-24 21:02:23 ----D---- C:\ProgramData\ALM
2012-01-24 20:22:50 ----N---- C:\windows\system32\drivers\PxHlpa64.sys
2012-01-24 20:22:50 ----N---- C:\windows\system32\drivers\cdralw2k.sys
2012-01-24 20:22:50 ----N---- C:\windows\system32\drivers\cdr4_xp.sys
2012-01-24 20:22:49 ----D---- C:\Program Files (x86)\My Company Name
======List of files/folders modified in the last 1 month======
2012-02-22 18:13:44 ----D---- C:\windows\Temp
2012-02-22 18:13:38 ----RD---- C:\Program Files
2012-02-22 18:12:49 ----SHD---- C:\windows\Installer
2012-02-22 18:12:49 ----SHD---- C:\Config.Msi
2012-02-22 18:12:49 ----RSD---- C:\windows\assembly
2012-02-22 18:11:21 ----D---- C:\windows\system32\catroot
2012-02-22 18:11:07 ----D---- C:\windows\system32\catroot2
2012-02-22 18:10:58 ----D---- C:\windows\winsxs
2012-02-22 18:07:31 ----D---- C:\Users\Xawier\AppData\Roaming\ICQ
2012-02-22 18:06:37 ----D---- C:\windows\System32
2012-02-22 18:06:37 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-02-22 18:06:36 ----D---- C:\windows\inf
2012-02-22 18:02:45 ----SHD---- C:\System Volume Information
2012-02-22 18:02:15 ----D---- C:\windows\tracing
2012-02-22 18:00:57 ----A---- C:\windows\SYSWOW64\log.txt
2012-02-22 17:59:11 ----D---- C:\windows\system32\config
2012-02-22 17:58:08 ----D---- C:\windows\Tasks
2012-02-22 17:58:08 ----D---- C:\windows\SysWOW64
2012-02-22 17:58:08 ----D---- C:\windows\system32\wfp
2012-02-22 17:58:07 ----D---- C:\Windows
2012-02-22 17:58:07 ----D---- C:\Program Files\Internet Explorer
2012-02-22 17:57:50 ----D---- C:\windows\system32\wbem
2012-02-22 17:56:37 ----D---- C:\windows\SYSWOW64\wbem
2012-02-22 17:56:37 ----D---- C:\windows\SYSWOW64\migration
2012-02-22 17:56:37 ----D---- C:\windows\system32\migration
2012-02-22 17:56:37 ----D---- C:\windows\system32\DriverStore
2012-02-22 17:56:37 ----D---- C:\windows\system32\drivers
2012-02-22 17:56:37 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-22 17:56:35 ----D---- C:\windows\system32\drivers\UMDF
2012-02-22 17:56:35 ----D---- C:\windows\system32\CodeIntegrity
2012-02-22 17:56:26 ----D---- C:\windows\AppCompat
2012-02-22 17:56:25 ----HD---- C:\ProgramData
2012-02-22 17:56:25 ----D---- C:\ProgramData\Xfire
2012-02-22 17:56:25 ----D---- C:\ProgramData\WinClon
2012-02-22 17:56:25 ----D---- C:\ProgramData\WildTangent
2012-02-22 17:56:25 ----D---- C:\ProgramData\Temp
2012-02-22 17:56:25 ----D---- C:\ProgramData\Skype
2012-02-22 17:56:25 ----D---- C:\ProgramData\SAMSUNG
2012-02-22 17:56:25 ----D---- C:\ProgramData\Norton
2012-02-22 17:56:24 ----D---- C:\ProgramData\Microsoft Help
2012-02-22 17:56:24 ----D---- C:\ProgramData\LangSoft
2012-02-22 17:56:24 ----D---- C:\ProgramData\CyberLink
2012-02-22 17:56:24 ----D---- C:\ProgramData\Apple Computer
2012-02-22 17:56:24 ----D---- C:\ProgramData\Apple
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)\WinDjView
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)\WildTangent Games
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)\WildGames
2012-02-22 17:56:23 ----D---- C:\Program Files (x86)
2012-02-22 17:56:21 ----D---- C:\Program Files (x86)\Opera
2012-02-22 17:56:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-02-22 17:56:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-02-22 17:56:20 ----D---- C:\Program Files (x86)\Microsoft Works
2012-02-22 17:56:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-22 17:56:18 ----D---- C:\Program Files (x86)\FreeTime
2012-02-22 17:56:18 ----D---- C:\Program Files (x86)\Free PDF to Word Converter
2012-02-22 17:53:13 ----D---- C:\windows\registration
2012-02-22 17:51:27 ----D---- C:\windows\Microsoft.NET
2012-02-22 17:48:53 ----SD---- C:\Users\Xawier\AppData\Roaming\Microsoft
2012-02-22 17:47:19 ----SD---- C:\ProgramData\Microsoft
2012-02-22 17:47:17 ----D---- C:\ProgramData\ICQ
2012-02-22 17:47:13 ----D---- C:\ProgramData\ESET
2012-02-22 17:47:11 ----D---- C:\ProgramData\Adobe
2012-02-22 17:47:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-22 17:46:12 ----D---- C:\Program Files (x86)\MSBuild
2012-02-22 17:45:19 ----D---- C:\Program Files (x86)\Common Files
2012-02-22 16:36:24 ----D---- C:\Users\Xawier\AppData\Roaming\DAEMON Tools Lite
2012-02-22 16:22:39 ----D---- C:\windows\ModemLogs
2012-02-22 16:22:38 ----D---- C:\windows\debug
2012-02-22 11:58:30 ----D---- C:\windows\Prefetch
2012-02-08 19:06:07 ----D---- C:\Users\Xawier\AppData\Roaming\Skype
2012-02-06 19:02:07 ----D---- C:\windows\system32\Tasks
2012-01-29 05:10:42 ----N---- C:\windows\system32\MpSigStub.exe
2012-01-27 11:01:26 ----D---- C:\windows\Panther
2012-01-27 11:01:24 ----D---- C:\windows\Logs
2012-01-27 11:00:04 ----D---- C:\Program Files\CCleaner
2012-01-27 10:58:01 ----D---- C:\Users\Xawier\AppData\Roaming\Yandex
2012-01-27 10:56:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-27 10:56:02 ----D---- C:\MMVI
2012-01-25 18:33:58 ----RSD---- C:\windows\Fonts
2012-01-24 21:11:12 ----D---- C:\Users\Xawier\AppData\Roaming\Adobe
2012-01-24 21:05:21 ----D---- C:\Program Files\Common Files\Adobe
2012-01-24 21:04:12 ----D---- C:\Program Files\Adobe
2012-01-24 21:03:34 ----D---- C:\Program Files (x86)\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-04-27 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-18 270912]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2010-10-07 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-07-29 3065408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-09-21 348712]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-08-21 106536]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-09-14 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-11-10 31088]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-08-31 118664]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2011-10-11 33344]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-12-01 2647528]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-03-10 86120]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2011-11-11 82048]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-25 409192]
R3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 usbsmi;WebCam SCX Series Service Display Name V1; C:\windows\system32\DRIVERS\SMIksdrv.sys [2010-09-15 206336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2011-08-13 15144]
S3 taphss;Anchorfree HSS Adapter; C:\windows\system32\DRIVERS\taphss.sys [2011-12-16 37888]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-10-22 953632]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-08 974944]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-03-06 993896]
R2 Printer Control;Printer Control; C:\windows\system32\PrintCtrl.exe [2011-01-03 77824]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Samsung UPD Service;Samsung UPD Service; C:\windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-09-13 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
