Logfile of random's system information tool 1.09 (written by random/random)
Run by tata at 2013-02-25 17:26:46
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 46 GB (26%) free of 175 GB
Total RAM: 3327 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:57, on 25.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\ICQ7.7\ICQ.exe
C:\Program Files\trend micro\tata.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\PROGRA~2\Sticky Password\spIEBho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O3 - Toolbar: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\PROGRA~2\Sticky Password\spIEBho.dll
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [StickyPassword] "C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Sticky Password - res://C:\Program Files (x86)\Sticky Password\spIEBho.dll/616
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Installer Service - Unknown owner - C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer\InstallerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11744 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\System32\alg.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"taskhost.exe"
"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /c /a /s UserSession
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2064
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
taskeng.exe {591451DA-A28F-45F5-BCE7-D508CD3F00AB}
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\ICQ7.7\ICQ.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\AUDIODG.EXE 0x6e0
"C:\Users\tata\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job
C:\Windows\tasks\NUAutoUpdate.job
=========Mozilla firefox=========
ProfilePath - C:\Users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\3m1obsv1.default-1353393322373
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\3m1obsv1.default-1353393322373\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-01 2324576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-01-25 139344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07 436192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-02 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC02E217-6E13-4F14-9BAC-D7BA27C1E912}]
Sticky Password Toolbar - C:\PROGRA~2\Sticky Password\spIEBho.dll [2013-02-14 1357112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-01 1722488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-02 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07 436192]
{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - Sticky Password Toolbar - C:\PROGRA~2\Sticky Password\spIEBho.dll [2013-02-14 1357112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2012-12-02 2846168]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe [2013-02-14 8131896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4Sync]
C:\Program Files (x86)\4Sync\4Sync.exe [2012-10-11 11926560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe [2012-12-11 3766168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-07-26 2782096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\tata\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-14 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files (x86)\Free Download Manager\fdm.exe [2011-12-28 6148096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\tata\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-14 1564368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-04-14 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2012-01-05 1823744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent]
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-01-12 371256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine]
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [2012-09-29 104480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2012-06-20 74752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStartupSound"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoSMBalloonTip"=1
"NoDrives"=0x01000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner64.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DATABASECOMPARE.EXE]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtlite.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lync.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\misc.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoev.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msotd.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nu.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OcPubMgr.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perfectdisk.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPREADSHEETCOMPARE.EXE]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sptdinst-x64.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.MLCY"=mlc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\winver.exe
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\slmgr.vbs
2013-02-25 11:46:00 ----D---- C:\ProgramData\Windows Genuine Advantage
2013-02-25 11:43:57 ----D---- C:\Users\tata\AppData\Roaming\Wocarson
2013-02-25 08:31:59 ----D---- C:\Program Files (x86)\GUM57F1.tmp
2013-02-25 08:14:20 ----D---- C:\Users\tata\AppData\Roaming\CoSoSys
2013-02-24 15:24:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-02-23 09:46:46 ----D---- C:\Users\tata\AppData\Roaming\Lamantine
2013-02-23 09:45:37 ----D---- C:\Program Files (x86)\Sticky Password
2013-02-18 19:03:22 ----D---- C:\Users\tata\AppData\Roaming\Delta
2013-02-18 19:03:21 ----D---- C:\ProgramData\BrowserProtect
2013-02-18 19:02:08 ----D---- C:\Program Files (x86)\TapinRadio
2013-02-18 15:44:48 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-02-17 12:01:26 ----D---- C:\Users\tata\AppData\Roaming\Babylon
2013-02-17 12:01:26 ----D---- C:\ProgramData\Babylon
2013-02-13 21:32:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-13 21:32:13 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-13 21:32:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-13 21:32:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-13 21:32:08 ----A---- C:\Windows\system32\ieui.dll
2013-02-13 21:32:03 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-13 21:32:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-13 21:32:03 ----A---- C:\Windows\system32\url.dll
2013-02-13 21:32:03 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-13 21:32:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-13 21:32:02 ----A---- C:\Windows\system32\urlmon.dll
2013-02-13 21:31:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-13 21:31:57 ----A---- C:\Windows\system32\jscript9.dll
2013-02-13 21:31:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-13 21:31:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-13 21:31:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-13 21:31:55 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\wininet.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\vbscript.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\jscript.dll
2013-02-13 21:31:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-13 21:31:54 ----A---- C:\Windows\system32\iertutil.dll
2013-02-13 21:31:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-13 21:31:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-13 21:31:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-13 21:31:50 ----A---- C:\Windows\system32\mshtml.dll
2013-02-13 21:31:50 ----A---- C:\Windows\system32\ieframe.dll
2013-02-13 21:11:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-13 21:11:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:11:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:10:54 ----A---- C:\Windows\system32\win32k.sys
2013-02-13 21:10:39 ----A---- C:\Windows\system32\winsrv.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-13 21:10:37 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-13 21:10:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 21:10:31 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 12:28:31 ----D---- C:\ProgramData\SystemExplorer
2013-02-12 12:28:27 ----D---- C:\Program Files (x86)\System Explorer
2013-02-10 15:17:19 ----A---- C:\Windows\SYSWOW64\CmdLineExt.dll
2013-02-10 12:53:42 ----D---- C:\Program Files (x86)\Zards software
2013-02-10 09:23:40 ----D---- C:\Program Files (x86)\KMSnano Final
2013-02-10 08:51:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2013-02-10 08:50:04 ----D---- C:\Windows\PCHEALTH
2013-02-10 08:50:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-02-10 08:47:08 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-02-10 08:18:50 ----A---- C:\Windows\SYSWOW64\abracadabra08092011.exe
2013-02-10 08:12:03 ----D---- C:\Program Files (x86)\Microsoft Office
2013-02-09 12:11:17 ----A---- C:\Windows\system32\TURegOpt.exe
2013-02-09 12:11:09 ----A---- C:\Windows\system32\authuitu.dll
2013-02-09 12:11:08 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-02-09 12:10:20 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-02-07 08:40:01 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-02-07 08:40:01 ----D---- C:\Program Files\Realtek
2013-02-07 08:39:17 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tosade.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tadefxapo.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSHP64.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFNHK64.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFCOM64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\SFAPO64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-02-07 08:39:12 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkApi64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTEED64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTCOM64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-02-07 08:39:09 ----A---- C:\Windows\system32\RCoRes64.dat
2013-02-07 08:39:09 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EED64A.dll
2013-02-07 08:39:07 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-02-07 08:39:06 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-02-07 08:39:03 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\FMAPO64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\AERTAR64.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\AERTAC64.dll
2013-02-07 08:24:52 ----D---- C:\Program Files\Common Files\Logitech
2013-02-07 08:24:49 ----D---- C:\Program Files\Logitech
2013-02-07 08:17:19 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-02-07 08:17:19 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-02-07 08:17:18 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\nvopencl.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\nvoglv64.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuvid.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuda.dll
2013-02-07 08:17:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-02-07 08:17:15 ----A---- C:\Windows\system32\nvcompiler.dll
2013-02-07 08:17:15 ----A---- C:\Windows\system32\nvapi64.dll
2013-02-06 10:23:41 ----D---- C:\Users\tata\AppData\Roaming\Tific
2013-02-06 10:15:55 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-02-06 10:15:54 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-02-06 10:15:53 ----D---- C:\Program Files\Symantec
2013-02-06 10:15:53 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-06 10:15:40 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2013-02-06 10:15:40 ----A---- C:\Windows\system32\GEARAspi64.dll
2013-02-06 10:15:24 ----D---- C:\Windows\system32\drivers\N360x64
2013-02-06 10:15:21 ----D---- C:\Program Files (x86)\Norton 360
2013-02-06 10:15:20 ----D---- C:\ProgramData\Norton
2013-02-06 10:15:05 ----D---- C:\ProgramData\NortonInstaller
2013-02-06 10:15:05 ----D---- C:\Program Files (x86)\NortonInstaller
2013-02-06 02:04:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-02 16:57:05 ----D---- C:\Users\tata\AppData\Roaming\Wargaming.net
2013-02-02 16:17:44 ----D---- C:\Windows\SYSWOW64\directx
2013-02-02 16:17:35 ----D---- C:\Games
2013-01-26 10:03:42 ----D---- C:\ProgramData\Media Center Programs
======List of files/folders modified in the last 1 month======
2013-02-25 17:26:53 ----D---- C:\Program Files\trend micro
2013-02-25 17:26:48 ----D---- C:\Windows\temp
2013-02-25 17:04:15 ----D---- C:\Windows\System32
2013-02-25 17:04:15 ----D---- C:\Windows\inf
2013-02-25 17:04:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-25 17:01:40 ----D---- C:\Users\tata\AppData\Roaming\ICQ
2013-02-25 16:57:40 ----SHD---- C:\System Volume Information
2013-02-25 16:57:22 ----D---- C:\Windows\system32\Tasks
2013-02-25 16:22:10 ----D---- C:\Windows\system32\config
2013-02-25 12:26:46 ----D---- C:\Windows\SysWOW64
2013-02-25 12:20:34 ----D---- C:\Windows\system32\drivers\etc
2013-02-25 12:00:55 ----SHD---- C:\Windows\Installer
2013-02-25 11:48:45 ----D---- C:\Windows
2013-02-25 11:46:00 ----D---- C:\ProgramData
2013-02-25 08:32:23 ----RD---- C:\Program Files (x86)
2013-02-25 08:32:14 ----D---- C:\Windows\Tasks
2013-02-25 07:11:48 ----D---- C:\Windows\system32\catroot2
2013-02-25 06:03:22 ----D---- C:\Windows\winsxs
2013-02-24 21:34:38 ----D---- C:\ProgramData\PMB Files
2013-02-24 16:51:00 ----D---- C:\Windows\Minidump
2013-02-24 15:24:36 ----D---- C:\Windows\debug
2013-02-24 12:22:15 ----D---- C:\Windows\system32\drivers
2013-02-24 10:17:23 ----D---- C:\ProgramData\install_clap
2013-02-24 10:17:17 ----D---- C:\Windows\Logs
2013-02-23 18:31:10 ----D---- C:\Users\tata\AppData\Roaming\Skype
2013-02-23 02:14:10 ----D---- C:\Program Files (x86)\JDownloader
2013-02-20 16:37:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-19 12:36:47 ----AD---- C:\ProgramData\TEMP
2013-02-19 12:36:19 ----D---- C:\ProgramData\NVIDIA
2013-02-17 12:46:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-02-17 12:46:04 ----D---- C:\Program Files (x86)\Ubisoft
2013-02-17 12:43:27 ----RSD---- C:\Windows\assembly
2013-02-17 12:22:36 ----D---- C:\Windows\system32\wbem
2013-02-17 12:21:23 ----D---- C:\Windows\system32\wfp
2013-02-17 12:21:23 ----D---- C:\Windows\system32\DriverStore
2013-02-17 12:21:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-02-17 12:21:20 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-02-17 12:21:16 ----D---- C:\Windows\registration
2013-02-17 12:21:10 ----D---- C:\Windows\system32\catroot
2013-02-16 12:19:15 ----D---- C:\Users\tata\AppData\Roaming\vlc
2013-02-16 10:39:58 ----D---- C:\ProgramData\Skype
2013-02-16 10:39:45 ----RD---- C:\Program Files (x86)\Skype
2013-02-16 10:39:45 ----D---- C:\Program Files (x86)\Common Files
2013-02-16 07:50:14 ----D---- C:\ProgramData\Microsoft Help
2013-02-15 12:48:36 ----D---- C:\Program Files (x86)\Diablo III
2013-02-14 08:03:12 ----D---- C:\Windows\Microsoft.NET
2013-02-14 05:20:39 ----D---- C:\Windows\AppPatch
2013-02-14 05:20:38 ----D---- C:\Windows\SYSWOW64\migration
2013-02-14 05:20:38 ----D---- C:\Windows\system32\migration
2013-02-14 05:20:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 05:20:37 ----D---- C:\Program Files\Internet Explorer
2013-02-13 22:10:02 ----A---- C:\Windows\system32\MRT.exe
2013-02-12 20:35:00 ----D---- C:\Users\tata\AppData\Roaming\Winamp
2013-02-10 18:49:35 ----SD---- C:\ProgramData\Microsoft
2013-02-10 17:00:57 ----D---- C:\Program Files (x86)\Adobe
2013-02-10 15:08:39 ----D---- C:\Users\tata\AppData\Roaming\DAEMON Tools Lite
2013-02-10 09:54:14 ----D---- C:\Users\tata\AppData\Roaming\BitTorrent
2013-02-10 09:38:46 ----SD---- C:\Users\tata\AppData\Roaming\Microsoft
2013-02-10 08:53:31 ----RSD---- C:\Windows\Fonts
2013-02-10 08:52:54 ----D---- C:\Windows\ShellNew
2013-02-10 08:51:38 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-02-10 08:48:07 ----A---- C:\Windows\win.ini
2013-02-10 08:12:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-10 08:11:35 ----D---- C:\Program Files\Microsoft Office
2013-02-10 07:46:36 ----RD---- C:\Program Files
2013-02-10 07:44:46 ----D---- C:\Program Files (x86)\MSBuild
2013-02-10 07:44:40 ----D---- C:\Program Files\Common Files
2013-02-09 12:30:33 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-09 12:10:33 ----D---- C:\ProgramData\TuneUp Software
2013-02-08 14:22:32 ----D---- C:\Downloads
2013-02-08 10:32:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-08 10:25:28 ----A---- C:\Windows\AutoKMS.ini
2013-02-07 08:40:51 ----HD---- C:\Program Files (x86)\Temp
2013-02-07 08:22:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-02-07 07:59:50 ----D---- C:\ProgramData\DriverGenius
2013-02-06 10:15:55 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-03 19:41:06 ----D---- C:\Program Files (x86)\Windows Doctor
2013-02-01 10:40:11 ----D---- C:\Program Files (x86)\Google
2013-01-26 06:30:48 ----RD---- C:\Users
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-03-09 564792]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-01-16 1388120]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-02-06 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20130222.001\IDSvia64.sys [2013-02-05 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2010-11-16 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 386168]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-02-29 231376]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 DRHARD64;DRHARD64; \??\C:\Windows\system32\drivers\DRHARD64.sys [2011-11-03 21984]
R2 DRHMSR64;DRHMSR64; \??\C:\Windows\system32\drivers\DRHMSR64.sys [2011-12-06 14760]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-02-17 138912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130224.007\ENG64.SYS [2013-02-17 126192]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130224.007\EX64.SYS [2013-02-17 2087664]
R3 PAC207;Trust WB-1400T Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 573952]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-07-24 34032]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-02-06 174200]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-18 11880]
S2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys []
S3 7ByteIo;7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2012-10-28 30624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DRHARD;DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-05 21712]
S3 dump_wmimmc;dump_wmimmc; \??\C:\L2\lineage2\system\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2009-04-06 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 PRODIGY;PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-02-24 15712]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-01-16 2550224]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-14 1564368]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-03 878520]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Installer Service;Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer\InstallerService.exe [2013-01-12 124512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 DiskDoctorService;Norton Disk Doctor Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [2012-09-29 1147424]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01 116648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NU16StartManagerSvc;Norton Utilities 16 Start Manager Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [2012-09-29 792608]
S4 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S4 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2012-10-04 1976696]
S4 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S4 SpeedDiskService;Norton SpeedDisk Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [2012-09-29 1160224]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-12 383264]
-----------------EOF-----------------

Prevention. Thank you
Forum rules
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Prevention. Thank you
Hello!
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the text below into the left-hand window, then click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job
C:\Users\tata\AppData\Local\Facebook\Update
C:\Program Files (x86)\GUM57F1.tmp
C:\Windows\1C4551A64743409391E41477CD655043.TMP
C:\Users\tata\AppData\Roaming\Babylon
C:\ProgramData\Babylon
C:\ProgramData\regid.1991-06.com.microsoft
C:\Windows\SYSWOW64\abracadabra08092011.exe
:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Prevention. Thank you
here is the OTM output after the restart
All processes killed
========== FILES ==========
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update folder moved successfully.
C:\Program Files (x86)\GUM57F1.tmp folder moved successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\Users\tata\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
C:\ProgramData\regid.1991-06.com.microsoft folder moved successfully.
C:\Windows\SYSWOW64\abracadabra08092011.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
User: Administrator.tata-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: tata
->Temp folder emptied: 332194822 bytes
->Temporary Internet Files folder emptied: 3751427 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 6109164 bytes
->Google Chrome cache emptied: 8592283 bytes
->Opera cache emptied: 4213167 bytes
->Flash cache emptied: 1329 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28546 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 816434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49554 bytes
RecycleBin emptied: 5514349371 bytes
Total Files Cleaned = 5 598,00 mb
[EMPTYFLASH]
User: Administrator
User: Administrator.tata-PC
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: Public
User: tata
->Flash cache emptied: 0 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 02252013_185849
Files moved on Reboot...
C:\Users\tata\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
and here is the new RSIT log
Logfile of random's system information tool 1.09 (written by random/random)
Run by tata at 2013-02-25 19:08:56
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 47 GB (27%) free of 175 GB
Total RAM: 3327 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:07, on 25.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ICQ7.7\ICQ.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\trend micro\tata.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\PROGRA~2\Sticky Password\spIEBho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O3 - Toolbar: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\PROGRA~2\Sticky Password\spIEBho.dll
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [StickyPassword] "C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Sticky Password - res://C:\Program Files (x86)\Sticky Password\spIEBho.dll/616
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Installer Service - Unknown owner - C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer\InstallerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11744 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {9EE9794D-892B-4699-AB4E-86A3CAC5E35D}
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\System32\alg.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2076
"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /c /a /s UserSession
"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\notepad.exe" F:\_OTM\MovedFiles\02252013_185849.log
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\ICQ7.7\ICQ.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\AUDIODG.EXE 0x188
"C:\Users\tata\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\NUAutoUpdate.job
=========Mozilla firefox=========
ProfilePath - C:\Users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\3m1obsv1.default-1353393322373
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\3m1obsv1.default-1353393322373\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-01 2324576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-01-25 139344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07 436192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-02 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC02E217-6E13-4F14-9BAC-D7BA27C1E912}]
Sticky Password Toolbar - C:\PROGRA~2\Sticky Password\spIEBho.dll [2013-02-14 1357112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-01 1722488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-02 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07 436192]
{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - Sticky Password Toolbar - C:\PROGRA~2\Sticky Password\spIEBho.dll [2013-02-14 1357112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2012-12-02 2846168]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe [2013-02-14 8131896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4Sync]
C:\Program Files (x86)\4Sync\4Sync.exe [2012-10-11 11926560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe [2012-12-11 3766168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-07-26 2782096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\tata\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files (x86)\Free Download Manager\fdm.exe [2011-12-28 6148096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\tata\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-14 1564368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-04-14 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2012-01-05 1823744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent]
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-01-12 371256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine]
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [2012-09-29 104480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2012-06-20 74752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStartupSound"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoSMBalloonTip"=1
"NoDrives"=0x01000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner64.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DATABASECOMPARE.EXE]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtlite.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lync.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\misc.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoev.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msotd.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nu.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OcPubMgr.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perfectdisk.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPREADSHEETCOMPARE.EXE]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sptdinst-x64.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.MLCY"=mlc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\winver.exe
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\slmgr.vbs
2013-02-25 11:46:00 ----D---- C:\ProgramData\Windows Genuine Advantage
2013-02-25 11:43:57 ----D---- C:\Users\tata\AppData\Roaming\Wocarson
2013-02-25 08:14:20 ----D---- C:\Users\tata\AppData\Roaming\CoSoSys
2013-02-24 15:24:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-02-23 09:46:46 ----D---- C:\Users\tata\AppData\Roaming\Lamantine
2013-02-23 09:45:37 ----D---- C:\Program Files (x86)\Sticky Password
2013-02-18 19:03:22 ----D---- C:\Users\tata\AppData\Roaming\Delta
2013-02-18 19:03:21 ----D---- C:\ProgramData\BrowserProtect
2013-02-18 19:02:08 ----D---- C:\Program Files (x86)\TapinRadio
2013-02-13 21:32:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-13 21:32:13 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-13 21:32:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-13 21:32:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-13 21:32:08 ----A---- C:\Windows\system32\ieui.dll
2013-02-13 21:32:03 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-13 21:32:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-13 21:32:03 ----A---- C:\Windows\system32\url.dll
2013-02-13 21:32:03 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-13 21:32:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-13 21:32:02 ----A---- C:\Windows\system32\urlmon.dll
2013-02-13 21:31:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-13 21:31:57 ----A---- C:\Windows\system32\jscript9.dll
2013-02-13 21:31:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-13 21:31:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-13 21:31:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-13 21:31:55 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\wininet.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\vbscript.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\jscript.dll
2013-02-13 21:31:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-13 21:31:54 ----A---- C:\Windows\system32\iertutil.dll
2013-02-13 21:31:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-13 21:31:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-13 21:31:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-13 21:31:50 ----A---- C:\Windows\system32\mshtml.dll
2013-02-13 21:31:50 ----A---- C:\Windows\system32\ieframe.dll
2013-02-13 21:11:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-13 21:11:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:11:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:10:54 ----A---- C:\Windows\system32\win32k.sys
2013-02-13 21:10:39 ----A---- C:\Windows\system32\winsrv.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-13 21:10:37 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-13 21:10:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 21:10:31 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 12:28:31 ----D---- C:\ProgramData\SystemExplorer
2013-02-12 12:28:27 ----D---- C:\Program Files (x86)\System Explorer
2013-02-10 15:17:19 ----A---- C:\Windows\SYSWOW64\CmdLineExt.dll
2013-02-10 12:53:42 ----D---- C:\Program Files (x86)\Zards software
2013-02-10 09:23:40 ----D---- C:\Program Files (x86)\KMSnano Final
2013-02-10 08:50:04 ----D---- C:\Windows\PCHEALTH
2013-02-10 08:50:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-02-10 08:47:08 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-02-10 08:12:03 ----D---- C:\Program Files (x86)\Microsoft Office
2013-02-09 12:11:17 ----A---- C:\Windows\system32\TURegOpt.exe
2013-02-09 12:11:09 ----A---- C:\Windows\system32\authuitu.dll
2013-02-09 12:11:08 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-02-09 12:10:20 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-02-07 08:40:01 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-02-07 08:40:01 ----D---- C:\Program Files\Realtek
2013-02-07 08:39:17 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tosade.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tadefxapo.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSHP64.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFNHK64.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFCOM64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\SFAPO64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-02-07 08:39:12 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkApi64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTEED64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTCOM64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-02-07 08:39:09 ----A---- C:\Windows\system32\RCoRes64.dat
2013-02-07 08:39:09 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EED64A.dll
2013-02-07 08:39:07 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-02-07 08:39:06 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-02-07 08:39:03 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\FMAPO64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\AERTAR64.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\AERTAC64.dll
2013-02-07 08:24:52 ----D---- C:\Program Files\Common Files\Logitech
2013-02-07 08:24:49 ----D---- C:\Program Files\Logitech
2013-02-07 08:17:19 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-02-07 08:17:19 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-02-07 08:17:18 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\nvopencl.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\nvoglv64.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuvid.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuda.dll
2013-02-07 08:17:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-02-07 08:17:15 ----A---- C:\Windows\system32\nvcompiler.dll
2013-02-07 08:17:15 ----A---- C:\Windows\system32\nvapi64.dll
2013-02-06 10:23:41 ----D---- C:\Users\tata\AppData\Roaming\Tific
2013-02-06 10:15:55 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-02-06 10:15:54 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-02-06 10:15:53 ----D---- C:\Program Files\Symantec
2013-02-06 10:15:53 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-06 10:15:40 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2013-02-06 10:15:40 ----A---- C:\Windows\system32\GEARAspi64.dll
2013-02-06 10:15:24 ----D---- C:\Windows\system32\drivers\N360x64
2013-02-06 10:15:21 ----D---- C:\Program Files (x86)\Norton 360
2013-02-06 10:15:20 ----D---- C:\ProgramData\Norton
2013-02-06 10:15:05 ----D---- C:\ProgramData\NortonInstaller
2013-02-06 10:15:05 ----D---- C:\Program Files (x86)\NortonInstaller
2013-02-06 02:04:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-02 16:57:05 ----D---- C:\Users\tata\AppData\Roaming\Wargaming.net
2013-02-02 16:17:44 ----D---- C:\Windows\SYSWOW64\directx
2013-02-02 16:17:35 ----D---- C:\Games
2013-01-26 10:03:42 ----D---- C:\ProgramData\Media Center Programs
======List of files/folders modified in the last 1 month======
2013-02-25 19:09:03 ----D---- C:\Program Files\trend micro
2013-02-25 19:05:56 ----D---- C:\Windows\system32\config
2013-02-25 19:02:21 ----SHD---- C:\System Volume Information
2013-02-25 19:02:08 ----D---- C:\Windows\system32\Tasks
2013-02-25 18:59:24 ----D---- C:\Windows\temp
2013-02-25 18:58:58 ----RD---- C:\Program Files (x86)
2013-02-25 18:58:58 ----D---- C:\Windows\SysWOW64
2013-02-25 18:58:58 ----D---- C:\Windows
2013-02-25 18:58:58 ----D---- C:\ProgramData
2013-02-25 18:58:52 ----D---- C:\Windows\Tasks
2013-02-25 17:04:15 ----D---- C:\Windows\System32
2013-02-25 17:04:15 ----D---- C:\Windows\inf
2013-02-25 17:04:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-25 17:01:40 ----D---- C:\Users\tata\AppData\Roaming\ICQ
2013-02-25 12:20:34 ----D---- C:\Windows\system32\drivers\etc
2013-02-25 12:00:55 ----SHD---- C:\Windows\Installer
2013-02-25 07:11:48 ----D---- C:\Windows\system32\catroot2
2013-02-25 06:03:22 ----D---- C:\Windows\winsxs
2013-02-24 21:34:38 ----D---- C:\ProgramData\PMB Files
2013-02-24 16:51:00 ----D---- C:\Windows\Minidump
2013-02-24 15:24:36 ----D---- C:\Windows\debug
2013-02-24 12:22:15 ----D---- C:\Windows\system32\drivers
2013-02-24 10:17:23 ----D---- C:\ProgramData\install_clap
2013-02-24 10:17:17 ----D---- C:\Windows\Logs
2013-02-23 18:31:10 ----D---- C:\Users\tata\AppData\Roaming\Skype
2013-02-23 02:14:10 ----D---- C:\Program Files (x86)\JDownloader
2013-02-20 16:37:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-19 12:36:47 ----AD---- C:\ProgramData\TEMP
2013-02-19 12:36:19 ----D---- C:\ProgramData\NVIDIA
2013-02-17 12:46:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-02-17 12:46:04 ----D---- C:\Program Files (x86)\Ubisoft
2013-02-17 12:43:27 ----RSD---- C:\Windows\assembly
2013-02-17 12:22:36 ----D---- C:\Windows\system32\wbem
2013-02-17 12:21:23 ----D---- C:\Windows\system32\wfp
2013-02-17 12:21:23 ----D---- C:\Windows\system32\DriverStore
2013-02-17 12:21:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-02-17 12:21:20 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-02-17 12:21:16 ----D---- C:\Windows\registration
2013-02-17 12:21:10 ----D---- C:\Windows\system32\catroot
2013-02-16 12:19:15 ----D---- C:\Users\tata\AppData\Roaming\vlc
2013-02-16 10:39:58 ----D---- C:\ProgramData\Skype
2013-02-16 10:39:45 ----RD---- C:\Program Files (x86)\Skype
2013-02-16 10:39:45 ----D---- C:\Program Files (x86)\Common Files
2013-02-16 07:50:14 ----D---- C:\ProgramData\Microsoft Help
2013-02-15 12:48:36 ----D---- C:\Program Files (x86)\Diablo III
2013-02-14 08:03:12 ----D---- C:\Windows\Microsoft.NET
2013-02-14 05:20:39 ----D---- C:\Windows\AppPatch
2013-02-14 05:20:38 ----D---- C:\Windows\SYSWOW64\migration
2013-02-14 05:20:38 ----D---- C:\Windows\system32\migration
2013-02-14 05:20:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 05:20:37 ----D---- C:\Program Files\Internet Explorer
2013-02-13 22:10:02 ----A---- C:\Windows\system32\MRT.exe
2013-02-12 20:35:00 ----D---- C:\Users\tata\AppData\Roaming\Winamp
2013-02-10 18:49:35 ----SD---- C:\ProgramData\Microsoft
2013-02-10 17:00:57 ----D---- C:\Program Files (x86)\Adobe
2013-02-10 15:08:39 ----D---- C:\Users\tata\AppData\Roaming\DAEMON Tools Lite
2013-02-10 09:54:14 ----D---- C:\Users\tata\AppData\Roaming\BitTorrent
2013-02-10 09:38:46 ----SD---- C:\Users\tata\AppData\Roaming\Microsoft
2013-02-10 08:53:31 ----RSD---- C:\Windows\Fonts
2013-02-10 08:52:54 ----D---- C:\Windows\ShellNew
2013-02-10 08:51:38 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-02-10 08:48:07 ----A---- C:\Windows\win.ini
2013-02-10 08:12:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-10 08:11:35 ----D---- C:\Program Files\Microsoft Office
2013-02-10 07:46:36 ----RD---- C:\Program Files
2013-02-10 07:44:46 ----D---- C:\Program Files (x86)\MSBuild
2013-02-10 07:44:40 ----D---- C:\Program Files\Common Files
2013-02-09 12:30:33 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-09 12:10:33 ----D---- C:\ProgramData\TuneUp Software
2013-02-08 14:22:32 ----D---- C:\Downloads
2013-02-08 10:32:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-08 10:25:28 ----A---- C:\Windows\AutoKMS.ini
2013-02-07 08:40:51 ----HD---- C:\Program Files (x86)\Temp
2013-02-07 08:22:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-02-07 07:59:50 ----D---- C:\ProgramData\DriverGenius
2013-02-06 10:15:55 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-03 19:41:06 ----D---- C:\Program Files (x86)\Windows Doctor
2013-02-01 10:40:11 ----D---- C:\Program Files (x86)\Google
2013-01-26 06:30:48 ----RD---- C:\Users
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-03-09 564792]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-01-16 1388120]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-02-06 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20130222.001\IDSvia64.sys [2013-02-05 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2010-11-16 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 386168]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-02-29 231376]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 DRHARD64;DRHARD64; \??\C:\Windows\system32\drivers\DRHARD64.sys [2011-11-03 21984]
R2 DRHMSR64;DRHMSR64; \??\C:\Windows\system32\drivers\DRHMSR64.sys [2011-12-06 14760]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-02-17 138912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130225.004\ENG64.SYS [2013-02-17 126192]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130225.004\EX64.SYS [2013-02-17 2087664]
R3 PAC207;Trust WB-1400T Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 573952]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-07-24 34032]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-02-06 174200]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-18 11880]
S2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys []
S3 7ByteIo;7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2012-10-28 30624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DRHARD;DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-05 21712]
S3 dump_wmimmc;dump_wmimmc; \??\C:\L2\lineage2\system\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2009-04-06 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 PRODIGY;PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-02-24 15712]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-01-16 2550224]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-14 1564368]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-03 878520]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Installer Service;Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer\InstallerService.exe [2013-01-12 124512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 DiskDoctorService;Norton Disk Doctor Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [2012-09-29 1147424]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01 116648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NU16StartManagerSvc;Norton Utilities 16 Start Manager Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [2012-09-29 792608]
S4 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S4 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2012-10-04 1976696]
S4 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S4 SpeedDiskService;Norton SpeedDisk Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [2012-09-29 1160224]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-12 383264]
-----------------EOF-----------------
All processes killed
========== FILES ==========
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290298582-1327034294-2791487122-1000UA.job moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\tata\AppData\Local\Facebook\Update folder moved successfully.
C:\Program Files (x86)\GUM57F1.tmp folder moved successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\Users\tata\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
C:\ProgramData\regid.1991-06.com.microsoft folder moved successfully.
C:\Windows\SYSWOW64\abracadabra08092011.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
User: Administrator.tata-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: tata
->Temp folder emptied: 332194822 bytes
->Temporary Internet Files folder emptied: 3751427 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 6109164 bytes
->Google Chrome cache emptied: 8592283 bytes
->Opera cache emptied: 4213167 bytes
->Flash cache emptied: 1329 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28546 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 816434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49554 bytes
RecycleBin emptied: 5514349371 bytes
Total Files Cleaned = 5 598,00 mb
[EMPTYFLASH]
User: Administrator
User: Administrator.tata-PC
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: Public
User: tata
->Flash cache emptied: 0 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 02252013_185849
Files moved on Reboot...
C:\Users\tata\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
And here is the new RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by tata at 2013-02-25 19:08:56
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 47 GB (27%) free of 175 GB
Total RAM: 3327 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:07, on 25.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ICQ7.7\ICQ.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\trend micro\tata.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\PROGRA~2\Sticky Password\spIEBho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O3 - Toolbar: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\PROGRA~2\Sticky Password\spIEBho.dll
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [StickyPassword] "C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1290298582-1327034294-2791487122-1002\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Sticky Password - res://C:\Program Files (x86)\Sticky Password\spIEBho.dll/616
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Installer Service - Unknown owner - C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer\InstallerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11744 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {9EE9794D-892B-4699-AB4E-86A3CAC5E35D}
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\System32\alg.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2076
"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /c /a /s UserSession
"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\notepad.exe" F:\_OTM\MovedFiles\02252013_185849.log
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\ICQ7.7\ICQ.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\AUDIODG.EXE 0x188
"C:\Users\tata\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\NUAutoUpdate.job
=========Mozilla firefox=========
ProfilePath - C:\Users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\3m1obsv1.default-1353393322373
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\3m1obsv1.default-1353393322373\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-01 2324576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-01-25 139344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07 436192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-02 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC02E217-6E13-4F14-9BAC-D7BA27C1E912}]
Sticky Password Toolbar - C:\PROGRA~2\Sticky Password\spIEBho.dll [2013-02-14 1357112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-01 1722488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-02 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07 436192]
{AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - Sticky Password Toolbar - C:\PROGRA~2\Sticky Password\spIEBho.dll [2013-02-14 1357112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2012-12-02 2846168]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe [2013-02-14 8131896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4Sync]
C:\Program Files (x86)\4Sync\4Sync.exe [2012-10-11 11926560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe [2012-12-11 3766168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-07-26 2782096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\tata\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files (x86)\Free Download Manager\fdm.exe [2011-12-28 6148096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\tata\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-14 1564368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-04-14 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2012-01-05 1823744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent]
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-01-12 371256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine]
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [2012-09-29 104480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2012-06-20 74752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStartupSound"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoSMBalloonTip"=1
"NoDrives"=0x01000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner64.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DATABASECOMPARE.EXE]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtlite.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lync.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\misc.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoev.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msotd.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nu.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OcPubMgr.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perfectdisk.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPREADSHEETCOMPARE.EXE]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sptdinst-x64.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.MLCY"=mlc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\winver.exe
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2013-02-25 12:26:00 ----A---- C:\Windows\SYSWOW64\slmgr.vbs
2013-02-25 11:46:00 ----D---- C:\ProgramData\Windows Genuine Advantage
2013-02-25 11:43:57 ----D---- C:\Users\tata\AppData\Roaming\Wocarson
2013-02-25 08:14:20 ----D---- C:\Users\tata\AppData\Roaming\CoSoSys
2013-02-24 15:24:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-02-23 09:46:46 ----D---- C:\Users\tata\AppData\Roaming\Lamantine
2013-02-23 09:45:37 ----D---- C:\Program Files (x86)\Sticky Password
2013-02-18 19:03:22 ----D---- C:\Users\tata\AppData\Roaming\Delta
2013-02-18 19:03:21 ----D---- C:\ProgramData\BrowserProtect
2013-02-18 19:02:08 ----D---- C:\Program Files (x86)\TapinRadio
2013-02-13 21:32:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-13 21:32:13 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-13 21:32:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-13 21:32:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-13 21:32:08 ----A---- C:\Windows\system32\ieui.dll
2013-02-13 21:32:03 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-13 21:32:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-13 21:32:03 ----A---- C:\Windows\system32\url.dll
2013-02-13 21:32:03 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-13 21:32:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-13 21:32:02 ----A---- C:\Windows\system32\urlmon.dll
2013-02-13 21:31:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-13 21:31:57 ----A---- C:\Windows\system32\jscript9.dll
2013-02-13 21:31:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-13 21:31:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-13 21:31:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-13 21:31:55 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\wininet.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\vbscript.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-13 21:31:55 ----A---- C:\Windows\system32\jscript.dll
2013-02-13 21:31:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-13 21:31:54 ----A---- C:\Windows\system32\iertutil.dll
2013-02-13 21:31:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-13 21:31:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-13 21:31:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-13 21:31:50 ----A---- C:\Windows\system32\mshtml.dll
2013-02-13 21:31:50 ----A---- C:\Windows\system32\ieframe.dll
2013-02-13 21:11:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-13 21:11:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:11:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:10:54 ----A---- C:\Windows\system32\win32k.sys
2013-02-13 21:10:39 ----A---- C:\Windows\system32\winsrv.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:10:38 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-13 21:10:37 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-13 21:10:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 21:10:31 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 12:28:31 ----D---- C:\ProgramData\SystemExplorer
2013-02-12 12:28:27 ----D---- C:\Program Files (x86)\System Explorer
2013-02-10 15:17:19 ----A---- C:\Windows\SYSWOW64\CmdLineExt.dll
2013-02-10 12:53:42 ----D---- C:\Program Files (x86)\Zards software
2013-02-10 09:23:40 ----D---- C:\Program Files (x86)\KMSnano Final
2013-02-10 08:50:04 ----D---- C:\Windows\PCHEALTH
2013-02-10 08:50:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-02-10 08:47:08 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-02-10 08:12:03 ----D---- C:\Program Files (x86)\Microsoft Office
2013-02-09 12:11:17 ----A---- C:\Windows\system32\TURegOpt.exe
2013-02-09 12:11:09 ----A---- C:\Windows\system32\authuitu.dll
2013-02-09 12:11:08 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-02-09 12:10:20 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-02-07 08:40:01 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-02-07 08:40:01 ----D---- C:\Program Files\Realtek
2013-02-07 08:39:17 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tosade.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\tadefxapo.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-02-07 08:39:17 ----A---- C:\Windows\system32\SRSHP64.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFNHK64.dll
2013-02-07 08:39:14 ----A---- C:\Windows\system32\SFCOM64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\SFAPO64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-02-07 08:39:13 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-02-07 08:39:12 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RtkApi64.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-02-07 08:39:11 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTEED64A.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RTCOM64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-02-07 08:39:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-02-07 08:39:09 ----A---- C:\Windows\system32\RCoRes64.dat
2013-02-07 08:39:09 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-02-07 08:39:08 ----A---- C:\Windows\system32\R4EED64A.dll
2013-02-07 08:39:07 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-02-07 08:39:06 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-02-07 08:39:05 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-02-07 08:39:04 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-02-07 08:39:03 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\FMAPO64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-02-07 08:38:59 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-02-07 08:38:58 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-02-07 08:38:57 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\AERTAR64.dll
2013-02-07 08:38:56 ----A---- C:\Windows\system32\AERTAC64.dll
2013-02-07 08:24:52 ----D---- C:\Program Files\Common Files\Logitech
2013-02-07 08:24:49 ----D---- C:\Program Files\Logitech
2013-02-07 08:17:19 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-02-07 08:17:19 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-02-07 08:17:18 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\nvopencl.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\nvoglv64.dll
2013-02-07 08:17:18 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-02-07 08:17:17 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuvid.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-02-07 08:17:17 ----A---- C:\Windows\system32\nvcuda.dll
2013-02-07 08:17:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-02-07 08:17:15 ----A---- C:\Windows\system32\nvcompiler.dll
2013-02-07 08:17:15 ----A---- C:\Windows\system32\nvapi64.dll
2013-02-06 10:23:41 ----D---- C:\Users\tata\AppData\Roaming\Tific
2013-02-06 10:15:55 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-02-06 10:15:54 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-02-06 10:15:53 ----D---- C:\Program Files\Symantec
2013-02-06 10:15:53 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-06 10:15:40 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2013-02-06 10:15:40 ----A---- C:\Windows\system32\GEARAspi64.dll
2013-02-06 10:15:24 ----D---- C:\Windows\system32\drivers\N360x64
2013-02-06 10:15:21 ----D---- C:\Program Files (x86)\Norton 360
2013-02-06 10:15:20 ----D---- C:\ProgramData\Norton
2013-02-06 10:15:05 ----D---- C:\ProgramData\NortonInstaller
2013-02-06 10:15:05 ----D---- C:\Program Files (x86)\NortonInstaller
2013-02-06 02:04:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-02 16:57:05 ----D---- C:\Users\tata\AppData\Roaming\Wargaming.net
2013-02-02 16:17:44 ----D---- C:\Windows\SYSWOW64\directx
2013-02-02 16:17:35 ----D---- C:\Games
2013-01-26 10:03:42 ----D---- C:\ProgramData\Media Center Programs
======List of files/folders modified in the last 1 month======
2013-02-25 19:09:03 ----D---- C:\Program Files\trend micro
2013-02-25 19:05:56 ----D---- C:\Windows\system32\config
2013-02-25 19:02:21 ----SHD---- C:\System Volume Information
2013-02-25 19:02:08 ----D---- C:\Windows\system32\Tasks
2013-02-25 18:59:24 ----D---- C:\Windows\temp
2013-02-25 18:58:58 ----RD---- C:\Program Files (x86)
2013-02-25 18:58:58 ----D---- C:\Windows\SysWOW64
2013-02-25 18:58:58 ----D---- C:\Windows
2013-02-25 18:58:58 ----D---- C:\ProgramData
2013-02-25 18:58:52 ----D---- C:\Windows\Tasks
2013-02-25 17:04:15 ----D---- C:\Windows\System32
2013-02-25 17:04:15 ----D---- C:\Windows\inf
2013-02-25 17:04:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-25 17:01:40 ----D---- C:\Users\tata\AppData\Roaming\ICQ
2013-02-25 12:20:34 ----D---- C:\Windows\system32\drivers\etc
2013-02-25 12:00:55 ----SHD---- C:\Windows\Installer
2013-02-25 07:11:48 ----D---- C:\Windows\system32\catroot2
2013-02-25 06:03:22 ----D---- C:\Windows\winsxs
2013-02-24 21:34:38 ----D---- C:\ProgramData\PMB Files
2013-02-24 16:51:00 ----D---- C:\Windows\Minidump
2013-02-24 15:24:36 ----D---- C:\Windows\debug
2013-02-24 12:22:15 ----D---- C:\Windows\system32\drivers
2013-02-24 10:17:23 ----D---- C:\ProgramData\install_clap
2013-02-24 10:17:17 ----D---- C:\Windows\Logs
2013-02-23 18:31:10 ----D---- C:\Users\tata\AppData\Roaming\Skype
2013-02-23 02:14:10 ----D---- C:\Program Files (x86)\JDownloader
2013-02-20 16:37:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-19 12:36:47 ----AD---- C:\ProgramData\TEMP
2013-02-19 12:36:19 ----D---- C:\ProgramData\NVIDIA
2013-02-17 12:46:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-02-17 12:46:04 ----D---- C:\Program Files (x86)\Ubisoft
2013-02-17 12:43:27 ----RSD---- C:\Windows\assembly
2013-02-17 12:22:36 ----D---- C:\Windows\system32\wbem
2013-02-17 12:21:23 ----D---- C:\Windows\system32\wfp
2013-02-17 12:21:23 ----D---- C:\Windows\system32\DriverStore
2013-02-17 12:21:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-02-17 12:21:20 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-02-17 12:21:16 ----D---- C:\Windows\registration
2013-02-17 12:21:10 ----D---- C:\Windows\system32\catroot
2013-02-16 12:19:15 ----D---- C:\Users\tata\AppData\Roaming\vlc
2013-02-16 10:39:58 ----D---- C:\ProgramData\Skype
2013-02-16 10:39:45 ----RD---- C:\Program Files (x86)\Skype
2013-02-16 10:39:45 ----D---- C:\Program Files (x86)\Common Files
2013-02-16 07:50:14 ----D---- C:\ProgramData\Microsoft Help
2013-02-15 12:48:36 ----D---- C:\Program Files (x86)\Diablo III
2013-02-14 08:03:12 ----D---- C:\Windows\Microsoft.NET
2013-02-14 05:20:39 ----D---- C:\Windows\AppPatch
2013-02-14 05:20:38 ----D---- C:\Windows\SYSWOW64\migration
2013-02-14 05:20:38 ----D---- C:\Windows\system32\migration
2013-02-14 05:20:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 05:20:37 ----D---- C:\Program Files\Internet Explorer
2013-02-13 22:10:02 ----A---- C:\Windows\system32\MRT.exe
2013-02-12 20:35:00 ----D---- C:\Users\tata\AppData\Roaming\Winamp
2013-02-10 18:49:35 ----SD---- C:\ProgramData\Microsoft
2013-02-10 17:00:57 ----D---- C:\Program Files (x86)\Adobe
2013-02-10 15:08:39 ----D---- C:\Users\tata\AppData\Roaming\DAEMON Tools Lite
2013-02-10 09:54:14 ----D---- C:\Users\tata\AppData\Roaming\BitTorrent
2013-02-10 09:38:46 ----SD---- C:\Users\tata\AppData\Roaming\Microsoft
2013-02-10 08:53:31 ----RSD---- C:\Windows\Fonts
2013-02-10 08:52:54 ----D---- C:\Windows\ShellNew
2013-02-10 08:51:38 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-02-10 08:48:07 ----A---- C:\Windows\win.ini
2013-02-10 08:12:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-10 08:11:35 ----D---- C:\Program Files\Microsoft Office
2013-02-10 07:46:36 ----RD---- C:\Program Files
2013-02-10 07:44:46 ----D---- C:\Program Files (x86)\MSBuild
2013-02-10 07:44:40 ----D---- C:\Program Files\Common Files
2013-02-09 12:30:33 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-09 12:10:33 ----D---- C:\ProgramData\TuneUp Software
2013-02-08 14:22:32 ----D---- C:\Downloads
2013-02-08 10:32:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-08 10:25:28 ----A---- C:\Windows\AutoKMS.ini
2013-02-07 08:40:51 ----HD---- C:\Program Files (x86)\Temp
2013-02-07 08:22:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-02-07 07:59:50 ----D---- C:\ProgramData\DriverGenius
2013-02-06 10:15:55 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-03 19:41:06 ----D---- C:\Program Files (x86)\Windows Doctor
2013-02-01 10:40:11 ----D---- C:\Program Files (x86)\Google
2013-01-26 06:30:48 ----RD---- C:\Users
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-03-09 564792]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-01-16 1388120]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-02-06 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20130222.001\IDSvia64.sys [2013-02-05 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2010-11-16 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 386168]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-02-29 231376]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 DRHARD64;DRHARD64; \??\C:\Windows\system32\drivers\DRHARD64.sys [2011-11-03 21984]
R2 DRHMSR64;DRHMSR64; \??\C:\Windows\system32\drivers\DRHMSR64.sys [2011-12-06 14760]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-02-17 138912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130225.004\ENG64.SYS [2013-02-17 126192]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130225.004\EX64.SYS [2013-02-17 2087664]
R3 PAC207;Trust WB-1400T Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 573952]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-07-24 34032]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-02-06 174200]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-18 11880]
S2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys []
S3 7ByteIo;7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2012-10-28 30624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DRHARD;DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-05 21712]
S3 dump_wmimmc;dump_wmimmc; \??\C:\L2\lineage2\system\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2009-04-06 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 PRODIGY;PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-02-24 15712]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-01-16 2550224]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-14 1564368]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-03 878520]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Installer Service;Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer\InstallerService.exe [2013-01-12 124512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 DiskDoctorService;Norton Disk Doctor Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [2012-09-29 1147424]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01 116648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NU16StartManagerSvc;Norton Utilities 16 Start Manager Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [2012-09-29 792608]
S4 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S4 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2012-10-04 1976696]
S4 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S4 SpeedDiskService;Norton SpeedDisk Service; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [2012-09-29 1160224]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-12 383264]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Prevention. Thank you
The log now looks OK. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Prevention. Thank you
So I cleaned up after OTM. Thank you very much for the help.

- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Prevention. Thank you
You're welcome!
