Hi, I left a friend on my PC for a moment and already noticed some nasty things in the processes. I found one particular program there that keeps starting because of some .VBS script. I deleted that script, because I was looking in CCleaner at the programs that run at startup. The VBS script contained some mysterious characters. I hope I was right to delete it, because if I made a mistake I don't know how I would get it back. Well, and this is how I found out: by simple chance I went to start Left 4 Dead 2 (which I have of course bought!) and a message popped up saying that Windows Defender is not turned on; the little flag in the taskbar was crossed out and it said that Windows Defender cannot be turned on. Then a sudden reset. I looked into what was causing it, because without a reset my PC was running brutally slowly. I reset it and the internet came back up too. I hope that is enough as a description of what happened.
PS: Just looking at the last X lines of the RSIT log does not make me feel good, there are some drivers unknown to me. Well, I hope I am not that badly off.
Here is the RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Spravca at 2013-01-15 20:24:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 246 GB (52%) free of 477 GB
Total RAM: 8189 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:45, on 15. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Spravca.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe] C:\ProgramData\Adobe\F9A336.vbe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-144053010-3787646527-420655005-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-144053010-3787646527-420655005-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11673 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {331453E2-FC70-4623-A8AE-7D8EBE61F18E}
C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry -p 0
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3244.1.209570800\560410419" --supports-dual-gpus=false --skip-gpu-full-info-collection --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1090 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3244.2.1802402202\1110903061" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3244.3.558491066\1394692654" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3244.4.1336839832\1081897061" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-np-plugin.dll" --lang=sk --channel="3244.5.1487977355\902874594" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3244.10.1314776447\1977609969" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" -sf
"C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe"
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.28.802152047\1361844723" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.29.1076127045\1352454889" /prefetch:3
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.38.1764274815\1684305433" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.39.1858045132\1507792290" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Spravca\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 50C7F08F-0F46-7126-C823-21C41EB968E0 -Reinvoke
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-12-27 24518144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-15 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-12-13 6304016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-15 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-12-27 18425000]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-14 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-12-13 4527888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-14 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-12-27 24518144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-12-27 18425000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2012-08-25 765200]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2012-12-17 9152968]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-11-15 968592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-08 3093624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-24 336992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2012-12-27 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-11-15 968592]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-14 2255360]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe"=C:\ProgramData\Adobe\F9A336.vbe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-01-15 20:24:42 ----D---- C:\rsit
2013-01-15 17:32:41 ----D---- C:\skyrim
2013-01-11 07:07:48 ----D---- C:\ProgramData\Orbit
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvopencl.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvoglv64.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvinitx.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcuvid.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcuda.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcompiler.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-01-10 20:14:26 ----D---- C:\NVIDIA
2013-01-09 17:11:09 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 17:11:09 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 17:11:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 17:11:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 17:11:00 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 17:11:00 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 17:10:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 17:10:58 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 17:10:57 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 17:10:57 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 17:10:54 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 17:10:54 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 17:10:54 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 17:10:54 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 17:10:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 17:10:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 17:10:33 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:10:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 17:10:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 17:10:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:10:31 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 17:10:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 17:10:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 17:10:24 ----A---- C:\Windows\system32\taskhost.exe
2013-01-09 17:10:23 ----A---- C:\Windows\system32\win32k.sys
2013-01-08 15:34:09 ----D---- C:\Valve hammer editor
2013-01-06 11:11:47 ----A---- C:\AdwCleaner[S1].txt
2013-01-05 20:05:48 ----D---- C:\Program Files (x86)\Adobe Story
2013-01-05 12:19:02 ----A---- C:\AdwCleaner[R1].txt
2013-01-04 14:06:10 ----D---- C:\Users\Spravca\AppData\Roaming\Sony Creative Software Inc
2013-01-02 22:26:50 ----D---- C:\Program Files\Games
2012-12-31 21:51:10 ----D---- C:\Users\Spravca\AppData\Roaming\Garena
2012-12-31 21:51:10 ----D---- C:\ProgramData\Garena
2012-12-29 02:54:24 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2012-12-28 19:20:22 ----D---- C:\Users\Spravca\AppData\Roaming\PSpad
2012-12-28 19:20:17 ----D---- C:\Program Files (x86)\PSPad editor
2012-12-28 17:36:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-12-27 09:17:39 ----D---- C:\ProgramData\RoboForm
2012-12-27 09:17:19 ----D---- C:\Program Files (x86)\Siber Systems
2012-12-27 09:16:54 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-12-27 09:16:52 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-12-27 09:16:51 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-12-27 09:16:50 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-12-27 09:16:49 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-12-27 09:16:48 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-12-27 09:16:48 ----A---- C:\Windows\system32\aswBoot.exe
2012-12-27 09:16:38 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-12-27 09:16:30 ----D---- C:\ProgramData\AVAST Software
2012-12-27 09:16:30 ----D---- C:\Program Files\AVAST Software
2012-12-24 17:18:17 ----D---- C:\ProgramData\NexonSG
2012-12-24 17:18:17 ----D---- C:\ProgramData\Nexon
2012-12-22 21:31:39 ----D---- C:\Users\Spravca\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-12-22 16:58:28 ----A---- C:\Windows\patchw32.dll
2012-12-22 16:58:28 ----A---- C:\Windows\patchw.dll
2012-12-22 16:57:00 ----D---- C:\Program Files (x86)\Outspark
2012-12-22 10:45:58 ----D---- C:\Users\Spravca\AppData\Roaming\.minecraft
2012-12-22 08:27:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-22 08:27:12 ----A---- C:\Windows\system32\atmlib.dll
2012-12-22 08:27:10 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-22 08:27:10 ----A---- C:\Windows\system32\atmfd.dll
2012-12-18 13:10:01 ----D---- C:\Program Files (x86)\Secunia
2012-12-17 23:50:44 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2013-01-15 20:24:45 ----D---- C:\Windows\Prefetch
2013-01-15 20:24:44 ----D---- C:\Windows\Temp
2013-01-15 20:24:37 ----D---- C:\Users\Spravca\AppData\Roaming\Skype
2013-01-15 19:35:21 ----D---- C:\Users\Spravca\AppData\Roaming\uTorrent
2013-01-15 18:54:14 ----D---- C:\Windows\System32
2013-01-15 18:54:14 ----D---- C:\Windows\inf
2013-01-15 18:54:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-15 18:51:58 ----D---- C:\GAMES
2013-01-15 18:22:24 ----D---- C:\Users\Spravca\AppData\Roaming\GarenaPlus
2013-01-15 18:22:24 ----D---- C:\ProgramData\GarenaMessenger
2013-01-15 18:05:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-01-15 18:04:22 ----D---- C:\Program Files (x86)\SpeedFan
2013-01-15 18:02:18 ----D---- C:\Windows\system32\Tasks
2013-01-15 18:01:59 ----D---- C:\ProgramData\NVIDIA
2013-01-15 18:01:15 ----D---- C:\Windows\system32\config
2013-01-15 17:57:22 ----HD---- C:\ProgramData\Adobe
2013-01-15 17:54:28 ----D---- C:\temp
2013-01-15 17:49:25 ----D---- C:\Windows\SysWOW64
2013-01-15 17:49:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-01-15 16:31:31 ----D---- C:\Program Files (x86)\Steam
2013-01-15 08:07:21 ----SHD---- C:\System Volume Information
2013-01-14 14:34:54 ----D---- C:\Windows\system32\catroot2
2013-01-11 22:52:15 ----D---- C:\Windows
2013-01-11 22:52:15 ----A---- C:\Windows\Sandboxie.ini
2013-01-11 07:07:48 ----D---- C:\ProgramData
2013-01-11 06:51:36 ----D---- C:\GFX
2013-01-10 23:14:31 ----D---- C:\Windows\rescache
2013-01-10 20:28:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-01-10 20:27:59 ----D---- C:\Windows\system32\DriverStore
2013-01-10 20:27:59 ----D---- C:\Windows\system32\catroot
2013-01-10 20:26:27 ----D---- C:\Windows\system32\drivers
2013-01-10 06:48:29 ----RSD---- C:\Windows\assembly
2013-01-10 06:48:29 ----D---- C:\Windows\Microsoft.NET
2013-01-10 06:32:06 ----D---- C:\Windows\winsxs
2013-01-09 22:59:14 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-09 22:59:14 ----D---- C:\Windows\system32\sk-SK
2013-01-09 22:59:14 ----D---- C:\Windows\AppPatch
2013-01-09 22:53:51 ----SHD---- C:\Windows\Installer
2013-01-09 22:53:43 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-09 22:49:02 ----D---- C:\Windows\debug
2013-01-09 22:49:00 ----A---- C:\Windows\system32\MRT.exe
2013-01-08 18:25:53 ----D---- C:\Users\Spravca\AppData\Roaming\TS3Client
2013-01-05 20:56:27 ----D---- C:\Users\Spravca\AppData\Roaming\Adobe
2013-01-05 20:56:13 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-01-05 20:08:35 ----D---- C:\Program Files\Adobe
2013-01-05 20:07:34 ----D---- C:\Program Files (x86)\Adobe
2013-01-05 20:06:00 ----D---- C:\Program Files\Common Files\Adobe
2013-01-05 20:05:48 ----RD---- C:\Program Files (x86)
2013-01-05 20:04:02 ----D---- C:\Program Files (x86)\Common Files
2013-01-05 15:40:17 ----D---- C:\Users\Spravca\AppData\Roaming\Winamp
2013-01-04 21:48:05 ----D---- C:\Windows\Logs
2013-01-04 12:50:38 ----D---- C:\Users\Spravca\AppData\Roaming\Sony
2013-01-02 22:26:50 ----RD---- C:\Program Files
2012-12-30 21:28:33 ----D---- C:\Program Files (x86)\Garena Plus
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvapi64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvsvc64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvcpl.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvvsvc.exe
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvsvcr.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvshext.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvmctray.dll
2012-12-28 17:32:37 ----D---- C:\Users\Spravca\AppData\Roaming\Hamachi
2012-12-27 09:19:18 ----D---- C:\ProgramData\MFAData
2012-12-25 09:28:54 ----D---- C:\Users\Spravca\AppData\Roaming\.techniclauncher
2012-12-25 09:28:42 ----D---- C:\Users\Spravca\AppData\Roaming\logs
2012-12-23 21:47:01 ----A---- C:\Windows\win.ini
2012-12-22 16:56:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-22 16:30:24 ----D---- C:\ProgramData\PMB Files
2012-12-20 19:36:08 ----D---- C:\Users\Spravca\AppData\Roaming\vlc
2012-12-20 12:36:12 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-24 126944]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-02-01 32240]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 AR9271;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuwx.sys [2011-07-28 2224160]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2012-08-25 202632]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 X6va003;X6va003; \??\C:\Users\Spravca\AppData\Local\Temp\0034C84.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 884152]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-08-25 123664]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 116648]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-22 76888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 116648]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-01-12 541608]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
EDIT:
I found a copy of that script; I made it before I deleted it.
name: F9A336.vbs
this is what the script contains: