Logfile of random's system information tool 1.09 (written by random/random)
Run by Rhonwyn at 2012-07-07 09:13:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 523 GB (55%) free of 954 GB
Total RAM: 8175 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:13:39, on 7.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Trust\GXT14 Mouse\POINTERGHOST.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Trust\GXT14 Mouse\StartAutorun.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Trust\GXT14 Mouse\RapooV1Process.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rhonwyn\Desktop\SystemLook.exe
C:\Program Files\trend micro\Rhonwyn.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [trustGTX14] "C:\Program Files (x86)\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-101 - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-103 - {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: (no name) - {B771147A-4CC8-450e-8AB1-7D47821751B1} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-102 - {B771147A-4CC8-450e-8AB1-7D47821751B1} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-104 - {EB89B163-2474-4734-9E93-68B61BC5BED5} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Game Mouse Communication And Update Service V1 (KmGameMouseServiceV1) - UASSOFT.COM - C:\Program Files (x86)\Trust\GXT14 Mouse\GameMouseServiceApp.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12535 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Trust\GXT14 Mouse\GameMouseServiceApp.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe"
"C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2616
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
RPMDaemon.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files (x86)\Trust\GXT14 Mouse\StartAutorun.exe" RapooV1Process.exe
"C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding
RapooV1Process.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
taskeng.exe {6D20D340-141B-4348-AED5-B3FACBA1E26A}
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/11/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2172.2.538130848\1162764297" /prefetch:3
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/11/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2172.3.1850880347\2127488139" /prefetch:3
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/11/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2172.4.37443692\1031520712" /prefetch:3
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/11/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="2172.5.1756568799\460019632" /prefetch:3
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll" --lang=cs --channel="2172.6.1100716960\56522849" /prefetch:4
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2172.7.483166731\630140014" --reduce-gpu-sandbox --disable-image-transport-surface /prefetch:12
"C:\Users\Rhonwyn\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/11/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="2172.8.1067377097\1258458193" /prefetch:3
"C:\Users\Rhonwyn\Desktop\SystemLook.exe"
taskhost.exe $(Arg0)
taskeng.exe {322ADC7B-B494-4E4A-919C-F6D7C0EB7D07}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Rhonwyn\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Rhonwyn\AppData\Roaming\Mozilla\Firefox\Profiles\xk3embay.default
prefs.js - "browser.startup.homepage" - "
https://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Rhonwyn\AppData\Roaming\Mozilla\Firefox\Profiles\xk3embay.default\extensions\
bbrs_002@blabbers.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2011-01-21 345968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-08 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-08 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2010-08-23 2552320]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-02-01 1242448]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2012-06-30 3407496]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [2011-01-21 776064]
"trustGTX14"=C:\Program Files (x86)\Trust\GXT14 Mouse\POINTERGHOST.exe [2009-06-05 4833792]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"ZyngaGamesAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]
C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-02-09 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-07-07 08:37:46 ----D---- C:\_OTM
2012-07-06 20:30:53 ----A---- C:\ComboFix.txt
2012-07-06 20:27:32 ----SHD---- C:\$RECYCLE.BIN
2012-07-06 18:17:52 ----D---- C:\Windows\erdnt
2012-07-06 03:00:21 ----A---- C:\Windows\system32\browserchoice.exe
2012-07-05 23:35:52 ----D---- C:\Program Files\Defraggler
2012-07-05 23:25:50 ----D---- C:\rsit
2012-07-05 19:54:03 ----D---- C:\ProgramData\ATI
2012-07-05 19:53:32 ----D---- C:\Program Files (x86)\AMD APP
2012-07-05 19:50:38 ----D---- C:\ATI
2012-07-05 19:45:05 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-07-05 19:32:56 ----D---- C:\ProgramData\EA Logs
2012-07-05 13:44:21 ----D---- C:\Program Files (x86)\HD Tune
2012-07-05 13:37:24 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2012-07-05 09:26:32 ----D---- C:\Program Files\trend micro
2012-07-04 08:41:55 ----D---- C:\Program Files\CCleaner
2012-07-04 08:27:42 ----D---- C:\Users\Rhonwyn\AppData\Roaming\SUPERAntiSpyware.com
2012-07-04 08:27:29 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-07-04 08:27:29 ----D---- C:\Program Files\SUPERAntiSpyware
2012-07-04 07:28:16 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Malwarebytes
2012-07-04 07:28:04 ----D---- C:\ProgramData\Malwarebytes
2012-07-04 07:28:03 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-04 07:28:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-07-02 20:39:31 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-06-30 13:01:47 ----D---- C:\Program Files (x86)\VJoy
2012-06-30 13:01:47 ----A---- C:\Windows\system32\drivers\vjoy.sys
2012-06-30 12:50:19 ----A---- C:\Windows\system32\drivers\VSPE.sys
2012-06-30 12:40:01 ----A---- C:\user.js
2012-06-30 12:39:49 ----D---- C:\Program Files (x86)\BrowserCompanion
2012-06-20 16:02:31 ----D---- C:\Program Files\iPod
2012-06-20 16:02:30 ----D---- C:\Program Files\iTunes
2012-06-20 16:02:30 ----D---- C:\Program Files (x86)\iTunes
2012-06-19 06:21:34 ----A---- C:\Windows\system32\wups2.dll
2012-06-19 06:21:34 ----A---- C:\Windows\system32\wucltux.dll
2012-06-19 06:21:34 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-19 06:21:34 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-19 06:21:25 ----A---- C:\Windows\system32\wups.dll
2012-06-19 06:21:25 ----A---- C:\Windows\system32\wudriver.dll
2012-06-19 06:21:25 ----A---- C:\Windows\system32\wuapi.dll
2012-06-19 06:21:14 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-19 06:21:14 ----A---- C:\Windows\system32\wuapp.exe
2012-06-14 03:00:55 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-14 03:00:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-14 03:00:54 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-14 03:00:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-14 03:00:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-14 03:00:54 ----A---- C:\Windows\system32\urlmon.dll
2012-06-14 03:00:54 ----A---- C:\Windows\system32\url.dll
2012-06-14 03:00:54 ----A---- C:\Windows\system32\iertutil.dll
2012-06-14 03:00:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-14 03:00:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-14 03:00:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-14 03:00:53 ----A---- C:\Windows\system32\wininet.dll
2012-06-14 03:00:53 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-14 03:00:53 ----A---- C:\Windows\system32\ieui.dll
2012-06-14 03:00:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-14 03:00:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-14 03:00:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-14 03:00:52 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-14 03:00:52 ----A---- C:\Windows\system32\jscript9.dll
2012-06-14 03:00:52 ----A---- C:\Windows\system32\jscript.dll
2012-06-14 03:00:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-14 03:00:50 ----A---- C:\Windows\system32\mshtml.dll
2012-06-14 03:00:50 ----A---- C:\Windows\system32\ieframe.dll
2012-06-14 03:00:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-13 18:08:12 ----D---- C:\Program Files (x86)\TeamViewer
2012-06-13 18:07:24 ----A---- C:\Windows\SYSWOW64\hlvdd.dll
2012-06-13 08:55:56 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-13 08:55:56 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-13 08:55:56 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-13 08:55:50 ----A---- C:\Windows\system32\profsvc.dll
2012-06-13 08:55:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-13 08:55:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-13 08:55:45 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-13 08:55:43 ----A---- C:\Windows\system32\win32k.sys
2012-06-13 08:55:41 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-13 08:55:41 ----A---- C:\Windows\system32\msi.dll
2012-06-13 08:55:41 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-13 08:55:39 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-13 08:55:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-13 08:55:39 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-13 08:55:39 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-13 08:55:39 ----A---- C:\Windows\system32\crypt32.dll
2012-06-13 08:55:38 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-12 09:53:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-11 10:00:45 ----D---- C:\ProgramData\Mozilla
2012-06-11 10:00:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-11 09:56:20 ----D---- C:\Program Files\Microsoft Security Client
2012-06-11 09:55:32 ----D---- C:\bb3101f1d1cc1083cadb8bbb
======List of files/folders modified in the last 1 month======
2012-07-07 08:53:31 ----D---- C:\Windows\Temp
2012-07-07 08:53:15 ----D---- C:\Windows\system32\config
2012-07-07 08:41:25 ----D---- C:\Program Files (x86)\Steam
2012-07-07 08:37:55 ----SHD---- C:\System Volume Information
2012-07-07 08:34:29 ----D---- C:\Windows\inf
2012-07-06 23:15:45 ----D---- C:\Windows
2012-07-06 23:15:14 ----D---- C:\Windows\system32\drivers
2012-07-06 22:22:03 ----D---- C:\Windows\SysWOW64
2012-07-06 22:21:59 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-07-06 20:27:21 ----A---- C:\Windows\system.ini
2012-07-06 20:27:18 ----D---- C:\Windows\system32\drivers\etc
2012-07-06 20:22:59 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-06 20:22:59 ----D---- C:\Windows\System32
2012-07-06 20:22:59 ----D---- C:\Windows\AppPatch
2012-07-06 20:22:58 ----D---- C:\Program Files\Common Files
2012-07-06 20:22:58 ----D---- C:\Program Files (x86)\Common Files
2012-07-06 18:31:04 ----D---- C:\ProgramData
2012-07-06 18:25:09 ----D---- C:\Windows\Prefetch
2012-07-06 03:00:28 ----D---- C:\Windows\winsxs
2012-07-06 03:00:27 ----D---- C:\Windows\system32\catroot
2012-07-05 23:35:52 ----RD---- C:\Program Files
2012-07-05 23:23:57 ----D---- C:\Windows\SoftwareDistribution
2012-07-05 23:23:40 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Skype
2012-07-05 23:23:38 ----D---- C:\Windows\Logs
2012-07-05 19:58:56 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-07-05 19:53:33 ----SHD---- C:\Windows\Installer
2012-07-05 19:53:32 ----RD---- C:\Program Files (x86)
2012-07-05 19:53:16 ----D---- C:\Program Files\ATI Technologies
2012-07-05 19:52:08 ----D---- C:\Windows\system32\DriverStore
2012-07-05 18:27:03 ----RSD---- C:\Windows\assembly
2012-07-05 18:26:25 ----D---- C:\Windows\system32\catroot2
2012-07-05 17:11:38 ----D---- C:\Program Files (x86)\Origin Games
2012-07-05 11:32:52 ----D---- C:\Windows\Tasks
2012-07-04 18:02:59 ----D---- C:\ProgramData\Solidshield
2012-07-04 18:00:42 ----D---- C:\Users\Rhonwyn\AppData\Roaming\GetRightToGo
2012-07-04 18:00:17 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Ubisoft
2012-07-04 17:23:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-04 17:23:03 ----D---- C:\Program Files (x86)\Ubisoft
2012-07-04 08:46:48 ----D---- C:\Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite
2012-07-04 08:46:44 ----D---- C:\Users\Rhonwyn\AppData\Roaming\TS3Client
2012-07-04 08:43:26 ----D---- C:\Windows\Panther
2012-07-04 08:43:26 ----D---- C:\Windows\ModemLogs
2012-07-04 08:43:19 ----D---- C:\Windows\Minidump
2012-07-04 08:43:19 ----D---- C:\Windows\debug
2012-07-04 08:41:58 ----D---- C:\Windows\system32\Tasks
2012-07-02 20:39:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-06-30 17:50:56 ----D---- C:\Program Files (x86)\Origin
2012-06-30 12:47:05 ----D---- C:\Windows\SYSWOW64\directx
2012-06-30 09:16:51 ----D---- C:\World of Warcraft
2012-06-27 21:59:18 ----D---- C:\Program Files (x86)\Diablo III
2012-06-23 21:48:26 ----D---- C:\Users\Rhonwyn\AppData\Roaming\vlc
2012-06-23 11:25:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-06-22 21:59:06 ----D---- C:\Program Files (x86)\AMD
2012-06-21 08:43:42 ----D---- C:\Windows\rescache
2012-06-21 07:48:56 ----D---- C:\Windows\system32\cs-CZ
2012-06-19 18:08:20 ----D---- C:\Windows\system32\CodeIntegrity
2012-06-19 18:08:19 ----D---- C:\Users\Rhonwyn\AppData\Roaming\GHISLER
2012-06-19 18:08:17 ----D---- C:\Windows\system32\wbem
2012-06-19 18:06:14 ----D---- C:\Windows\system32\LogFiles
2012-06-14 22:37:16 ----D---- C:\warez
2012-06-14 03:38:29 ----D---- C:\Windows\Microsoft.NET
2012-06-14 03:29:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-14 03:29:19 ----D---- C:\Windows\SYSWOW64\migration
2012-06-14 03:29:19 ----D---- C:\Windows\system32\migration
2012-06-14 03:29:19 ----D---- C:\Program Files\Internet Explorer
2012-06-14 03:29:19 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-14 03:11:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-14 03:05:40 ----A---- C:\Windows\system32\MRT.exe
2012-06-13 18:07:39 ----D---- C:\Windows\system32\Setup
2012-06-13 18:07:16 ----D---- C:\MosaicApp
2012-06-12 09:47:39 ----D---- C:\Windows\system32\wfp
2012-06-12 09:46:41 ----D---- C:\ProgramData\Origin
2012-06-12 09:46:41 ----D---- C:\ProgramData\McAfee Security Scan
2012-06-12 09:46:40 ----D---- C:\Windows\registration
2012-06-12 09:46:19 ----SD---- C:\ProgramData\Microsoft
2012-06-11 10:01:01 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Mozilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-12 283200]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2011-11-22 78208]
R2 aksfridge;Sentinel Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2011-11-22 139592]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2011-09-28 321536]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-08 307712]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-03-07 40832]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-03-07 65280]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-07-07 25640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 KMWDFILTERV1;HIDUASServiceDesc; C:\Windows\system32\DRIVERS\RPGMOUSEV1.sys [2009-06-10 24576]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
R3 vhidmini;VJoy Virtual Joystick; C:\Windows\system32\DRIVERS\vjoy.sys [2012-06-02 14976]
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2009-03-13 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\Windows\system32\DRIVERS\akshhl.sys [2011-09-08 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2011-08-09 21120]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-02-27 30528]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2011-12-15 351392]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-12-15 4862368]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 140672]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-08 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2011-12-30 4889032]
R2 KmGameMouseServiceV1;Game Mouse Communication And Update Service V1; C:\Program Files (x86)\Trust\GXT14 Mouse\GameMouseServiceApp.exe [2009-05-18 354816]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-05 76888]
R2 SCBackService;Splashtop Connect Service; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-03-24 493384]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
R2 WinVNC4;VNC Server Version 4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-06-19 529232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Zopakujte krok se Systemlook