Here is the FRST log, thank you very much for any help...
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-08-2013
Ran by Raiden (administrator) on 26-08-2013 16:55:43
Running from F:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-05-03] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,C:\Program Files (x86)\ICQ7.7\ARxMiXBW.exe
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,,C:\Program Files (x86)\ICQ7.7\ARxMiXBW.exe [x]
HKCU\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2012-04-23] (ICQ, LLC.)
HKCU\...\Run: [uTorrent] - C:\Users\Raiden\Downloads\utorrent.exe [802136 2013-05-10] (BitTorrent Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKCU\...\Run: [ChateauXP] - C:\Program Files (x86)\ChateauXP\ChateauXP.exe [x]
MountPoints2: F - F:\HPLauncher.exe
MountPoints2: {c6401270-040a-11e2-a00d-90e6ba6954de} - G:\Setup.exe
MountPoints2: {e3cc5f92-8d3e-11e1-a718-90e6ba6954de} - H:\HPLauncher.exe
HKLM-x32\...\Run: [Guard.Mail.ru.gui] - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-04-23] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-08] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\UpdatusUser\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2012-04-23] (ICQ, LLC.)
HKU\UpdatusUser\...\Run: [uTorrent] - C:\Users\Raiden\Downloads\utorrent.exe [802136 2013-05-10] (BitTorrent Inc.)
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizovat ESET licenci.lnk
ShortcutTarget: Aktualizovat ESET licenci.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe (GuillerSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe (Edimax Technology Co., Ltd)
Startup: C:\Users\Raiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bZeOblCB.exe ()
==================== Internet (Whitelisted) ====================
URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3072253
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll No File
Toolbar: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default
FF Homepage: hxxp://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120227-0403 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\searchplugins-backup
FF Extension: No Name - C:\Users\Raiden\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: Seznam lištička - C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Raiden\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
==================== Services (Whitelisted) =================
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
S2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-04-23] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
S2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [x]
==================== Drivers (Whitelisted) ====================
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
S1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-09-21] (Duplex Secure Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-26 16:19 - 2013-08-26 16:20 - 00000000 ____D C:\AdwCleaner
2013-08-26 16:15 - 2013-08-26 16:15 - 00994642 _____ C:\Users\Raiden\Desktop\adwcleaner.exe
2013-08-26 16:06 - 2013-08-26 16:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Raiden\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-26 15:30 - 2013-08-26 15:30 - 00001611 _____ C:\Users\Raiden\Desktop\RKreport[0]_D_08262013_153044.txt
2013-08-26 15:30 - 2013-08-26 15:30 - 00001569 _____ C:\Users\Raiden\Desktop\RKreport[0]_S_08262013_153029.txt
2013-08-26 15:19 - 2013-08-26 15:30 - 00000000 ____D C:\Users\Raiden\Desktop\RK_Quarantine
2013-08-26 13:45 - 2013-08-26 13:45 - 00751688 _____ (Emsisoft GmbH) C:\Users\Raiden\Desktop\decrypt_harasom.exe
2013-08-26 13:36 - 2013-08-26 13:37 - 00923136 _____ C:\Users\Raiden\Desktop\RogueKiller.exe
2013-08-26 12:39 - 2013-08-26 16:43 - 00170407 _____ C:\Windows\WindowsUpdate.log
2013-08-26 12:37 - 2013-08-26 16:23 - 00000336 _____ C:\Windows\setupact.log
2013-08-26 12:37 - 2013-08-26 12:37 - 00000000 _____ C:\Windows\setuperr.log
2013-08-26 12:24 - 2013-08-26 12:24 - 00000000 ____D C:\{004CD426-71E6-E28F-541B-C5B67521AFD4}
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\Dirty
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Local\uagHcoRZ
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Local\mqIXcwTd
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Local\Dirty
2013-08-24 19:38 - 2013-08-26 09:23 - 00000000 ____D C:\Users\Raiden\Downloads\Scary Movie 5 (2013) 720p
2013-08-24 19:14 - 2013-08-24 19:14 - 00000000 ____D C:\Users\Raiden\Desktop\pila
2013-08-23 15:31 - 2013-08-23 15:33 - 00000000 ____D C:\Users\Raiden\Downloads\Animaky 3
2013-08-21 14:31 - 2013-08-22 19:13 - 4153602220 ____R C:\Users\Raiden\Downloads\Vedlejší účinky (2013).avi
2013-08-20 18:29 - 2013-08-20 20:48 - 4141826220 ____R C:\Users\Raiden\Downloads\Zlomené město (2013).avi
2013-08-18 09:27 - 2013-08-18 09:59 - 00000000 ____D C:\Users\Raiden\Downloads\Ip.Man.The.Final.Fight.BDRip.XviD.AC3-WAR
2013-08-17 10:55 - 2013-08-17 10:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-14 22:38 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 22:38 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 22:38 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 22:38 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 22:38 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 22:38 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 22:38 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 22:38 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 22:38 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 22:38 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 22:38 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:38 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 22:37 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 22:37 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 22:37 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 22:37 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 22:37 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 16:41 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 16:41 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 16:41 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 16:41 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 16:41 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 16:41 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 16:41 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 16:41 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 16:41 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 16:41 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 16:41 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 16:41 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 16:41 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 16:41 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 16:41 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 16:41 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 16:41 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 16:41 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 16:41 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 16:41 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 16:41 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 16:41 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 16:41 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 16:41 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 16:41 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 16:41 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 16:41 - 2013-06-15 06:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-14 16:41 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 19:45 - 2013-08-14 16:34 - 00000000 ____D C:\Users\Raiden\Downloads\Pomsta mrtvého muže (2013)
2013-08-05 09:40 - 2012-03-06 11:06 - 00000000 ____D C:\Users\Raiden\Desktop\KHOMATOR - Terapie (CZ 2011)
2013-08-04 15:01 - 2013-08-04 15:01 - 00002368 _____ C:\Users\Raiden\Downloads\download.php
==================== One Month Modified Files and Folders =======
2013-08-26 16:46 - 2012-04-25 09:27 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\uTorrent
2013-08-26 16:43 - 2013-08-26 12:39 - 00170407 _____ C:\Windows\WindowsUpdate.log
2013-08-26 16:31 - 2009-07-14 06:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-26 16:31 - 2009-07-14 06:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-26 16:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-26 16:23 - 2013-08-26 12:37 - 00000336 _____ C:\Windows\setupact.log
2013-08-26 16:23 - 2012-04-23 17:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-26 16:20 - 2013-08-26 16:19 - 00000000 ____D C:\AdwCleaner
2013-08-26 16:15 - 2013-08-26 16:15 - 00994642 _____ C:\Users\Raiden\Desktop\adwcleaner.exe
2013-08-26 16:10 - 2012-04-26 20:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-26 16:09 - 2012-04-23 18:21 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\ICQ
2013-08-26 16:06 - 2013-08-26 16:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Raiden\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-26 15:30 - 2013-08-26 15:30 - 00001611 _____ C:\Users\Raiden\Desktop\RKreport[0]_D_08262013_153044.txt
2013-08-26 15:30 - 2013-08-26 15:30 - 00001569 _____ C:\Users\Raiden\Desktop\RKreport[0]_S_08262013_153029.txt
2013-08-26 15:30 - 2013-08-26 15:19 - 00000000 ____D C:\Users\Raiden\Desktop\RK_Quarantine
2013-08-26 13:45 - 2013-08-26 13:45 - 00751688 _____ (Emsisoft GmbH) C:\Users\Raiden\Desktop\decrypt_harasom.exe
2013-08-26 13:37 - 2013-08-26 13:36 - 00923136 _____ C:\Users\Raiden\Desktop\RogueKiller.exe
2013-08-26 13:27 - 2013-07-06 16:40 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\Seznam.cz
2013-08-26 12:56 - 2012-04-23 14:21 - 00000000 ____D C:\Users\Raiden
2013-08-26 12:55 - 2012-11-28 13:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-26 12:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-26 12:37 - 2013-08-26 12:37 - 00000000 _____ C:\Windows\setuperr.log
2013-08-26 12:28 - 2012-04-23 15:12 - 00000000 ____D C:\Windows\Panther
2013-08-26 12:24 - 2013-08-26 12:24 - 00000000 ____D C:\{004CD426-71E6-E28F-541B-C5B67521AFD4}
2013-08-26 12:21 - 2012-04-23 15:49 - 00000000 ____D C:\Users\Raiden\AppData\Local\ESET
2013-08-26 12:16 - 2012-04-23 18:20 - 00000000 ____D C:\Program Files (x86)\ICQ7.7
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\Dirty
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Local\uagHcoRZ
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Local\mqIXcwTd
2013-08-26 12:15 - 2013-08-26 12:15 - 00000000 ____D C:\Users\Raiden\AppData\Local\Dirty
2013-08-26 12:15 - 2012-04-23 14:22 - 00000000 ___RD C:\Users\Raiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-26 10:21 - 2012-06-04 13:28 - 00098226 ____R C:\Users\Raiden\Desktop\seznam filmů.xls
2013-08-26 10:21 - 2012-04-25 12:22 - 00000000 ____D C:\Users\Raiden\Desktop\films
2013-08-26 09:46 - 2013-07-06 16:43 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\vlc
2013-08-26 09:23 - 2013-08-24 19:38 - 00000000 ____D C:\Users\Raiden\Downloads\Scary Movie 5 (2013) 720p
2013-08-25 20:40 - 2012-11-01 20:33 - 00000000 ____D C:\Users\Raiden\Desktop\prodat
2013-08-24 19:14 - 2013-08-24 19:14 - 00000000 ____D C:\Users\Raiden\Desktop\pila
2013-08-24 08:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-23 15:33 - 2013-08-23 15:31 - 00000000 ____D C:\Users\Raiden\Downloads\Animaky 3
2013-08-22 19:13 - 2013-08-21 14:31 - 4153602220 ____R C:\Users\Raiden\Downloads\Vedlejší účinky (2013).avi
2013-08-21 08:10 - 2012-04-26 20:32 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 08:10 - 2012-04-26 20:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 08:10 - 2012-04-26 20:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 20:48 - 2013-08-20 18:29 - 4141826220 ____R C:\Users\Raiden\Downloads\Zlomené město (2013).avi
2013-08-19 14:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-18 23:11 - 2013-05-10 09:16 - 00000000 ____D C:\Users\Raiden\AppData\Roaming\Skype
2013-08-18 09:59 - 2013-08-18 09:27 - 00000000 ____D C:\Users\Raiden\Downloads\Ip.Man.The.Final.Fight.BDRip.XviD.AC3-WAR
2013-08-18 08:56 - 2012-05-03 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 10:55 - 2013-08-17 10:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-14 16:34 - 2013-08-13 19:45 - 00000000 ____D C:\Users\Raiden\Downloads\Pomsta mrtvého muže (2013)
2013-08-13 20:15 - 2013-05-20 11:27 - 00000000 ____D C:\Users\Raiden\Desktop\Nic nás nerozdělí
2013-08-04 15:01 - 2013-08-04 15:01 - 00002368 _____ C:\Users\Raiden\Downloads\download.php
Files to move or delete:
====================
C:\Users\Raiden\AppData\Local\Temp\Quarantine.exe
C:\Users\Raiden\AppData\Local\Temp\xkRLkhqK.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 11:29
==================== End Of Log ============================

Please help with the Police virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [instructions here] or RSIT [instructions here]
Individual threads will be locked once resolved, as will those inactive for longer than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 3
- Registered: 26 Aug 2013 15:35
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please help with the Police virus
Hello!
What is the situation with the legality of your operating system?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 3
- Registered: 26 Aug 2013 15:35
Re: Please help with the Police virus
Hello, I have a cracked one from the internet.., here I am also adding the RSIT log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Raiden at 2013-08-26 18:29:04
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 52 GB (17%) free of 305 GB
Total RAM: 4095 MB (73% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "973872282241968671368236909-338985639459320854911095112623733881213386476
C:\Windows\system32\wbem\wmiprvse.exe
F:\RSITx64.exe
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0-git-20120227-0403]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Raiden\AppData\Roaming\Mozilla\Firefox\Profiles\023ej83g.default\searchplugins\
icq-search.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-16 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-16 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll []
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-05-03 324096]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 4081008]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-04-23 127040]
"uTorrent"=C:\Users\Raiden\Downloads\utorrent.exe [2013-05-10 802136]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ChateauXP"=C:\Program Files (x86)\ChateauXP\ChateauXP.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-23 1564368]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
Wireless Utility.lnk - C:\Program Files (x86)\Edimax\Common\RaUI.exe
C:\Users\Raiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
bZeOblCB.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-08-26 18:29:04 ----D---- C:\rsit
2013-08-26 18:29:04 ----D---- C:\Program Files\trend micro
2013-08-26 16:55:14 ----D---- C:\FRST
2013-08-26 16:19:29 ----D---- C:\AdwCleaner
2013-08-26 15:16:22 ----A---- C:\Windows\ntbtlog.txt
2013-08-26 12:24:07 ----D---- C:\{004CD426-71E6-E28F-541B-C5B67521AFD4}
2013-08-26 12:15:51 ----D---- C:\Users\Raiden\AppData\Roaming\Dirty
2013-08-17 10:55:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-14 22:38:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-14 22:38:11 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-14 22:38:09 ----A---- C:\Windows\system32\iesetup.dll
2013-08-14 22:38:09 ----A---- C:\Windows\system32\iernonce.dll
2013-08-14 22:38:09 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-14 22:38:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-14 22:38:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:38:08 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-14 22:38:07 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 22:38:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-14 22:38:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 22:38:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-14 22:38:05 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 22:38:04 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 22:38:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-14 22:38:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-14 22:38:02 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 22:38:01 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 22:38:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-14 22:38:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-14 22:37:59 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 22:37:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-14 22:37:54 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 22:37:52 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 22:37:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-14 16:41:51 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 16:41:51 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 16:41:49 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 16:41:49 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-14 16:41:49 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-14 16:41:49 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 16:41:49 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 16:41:49 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 16:41:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-14 16:41:36 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 16:41:31 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 16:41:30 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-14 16:41:30 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 16:41:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 16:41:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-14 16:41:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-14 16:41:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-14 16:41:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 16:41:22 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 16:41:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-14 16:41:21 ----A---- C:\Windows\system32\wow64.dll
2013-08-14 16:41:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-14 16:41:19 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-14 16:41:19 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-14 16:41:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-14 16:41:16 ----A---- C:\Windows\system32\rdpcorets.dll
2013-08-14 16:41:16 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 16:41:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
======List of files/folders modified in the last 1 month======
2013-08-26 18:29:04 ----RD---- C:\Program Files
2013-08-26 18:29:00 ----D---- C:\Windows\Temp
2013-08-26 17:54:08 ----D---- C:\Windows\system32\config
2013-08-26 17:15:43 ----D---- C:\Users\Raiden\AppData\Roaming\ICQ
2013-08-26 17:15:37 ----D---- C:\Users\Raiden\AppData\Roaming\uTorrent
2013-08-26 17:13:44 ----D---- C:\ProgramData\NVIDIA
2013-08-26 16:55:18 ----D---- C:\Windows
2013-08-26 16:48:18 ----D---- C:\Windows\inf
2013-08-26 16:20:21 ----RD---- C:\Program Files (x86)
2013-08-26 16:20:21 ----HD---- C:\ProgramData
2013-08-26 15:30:27 ----D---- C:\Windows\system32\drivers
2013-08-26 13:27:46 ----D---- C:\Users\Raiden\AppData\Roaming\Seznam.cz
2013-08-26 12:56:33 ----D---- C:\Windows\system32\wfp
2013-08-26 12:56:31 ----D---- C:\Windows\system32\wbem
2013-08-26 12:55:07 ----D---- C:\Windows\Tasks
2013-08-26 12:55:07 ----D---- C:\Windows\system32\DriverStore
2013-08-26 12:55:07 ----D---- C:\Windows\system32\catroot2
2013-08-26 12:55:06 ----D---- C:\Windows\registration
2013-08-26 12:55:06 ----D---- C:\ProgramData\McAfee Security Scan
2013-08-26 12:50:15 ----SHD---- C:\System Volume Information
2013-08-26 12:41:06 ----D---- C:\Windows\Prefetch
2013-08-26 12:40:30 ----D---- C:\Windows\SoftwareDistribution
2013-08-26 12:28:51 ----D---- C:\Windows\Panther
2013-08-26 12:16:44 ----D---- C:\Program Files (x86)\ICQ7.7
2013-08-26 09:46:22 ----D---- C:\Users\Raiden\AppData\Roaming\vlc
2013-08-24 08:21:01 ----D---- C:\Windows\system32\NDF
2013-08-21 08:10:39 ----D---- C:\Windows\SysWOW64
2013-08-21 08:10:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-19 14:13:02 ----D---- C:\Windows\rescache
2013-08-18 23:11:41 ----D---- C:\Users\Raiden\AppData\Roaming\Skype
2013-08-18 08:56:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-15 18:48:10 ----RSD---- C:\Windows\assembly
2013-08-15 18:48:10 ----D---- C:\Windows\Microsoft.NET
2013-08-15 08:17:51 ----D---- C:\Windows\winsxs
2013-08-15 08:15:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-15 08:15:46 ----D---- C:\Windows\system32\cs-CZ
2013-08-15 08:15:46 ----D---- C:\Windows\System32
2013-08-15 08:15:46 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-15 08:15:45 ----D---- C:\Program Files\Internet Explorer
2013-08-15 08:15:44 ----D---- C:\Windows\AppPatch
2013-08-14 22:38:29 ----D---- C:\Windows\system32\catroot
2013-08-14 22:37:35 ----SHD---- C:\Windows\Installer
2013-08-14 22:37:35 ----HD---- C:\Config.Msi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
S0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-21 834544]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
S3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-04-30 339360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2009-10-16 439808]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-23 1564368]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe []
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
S2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Edimax\Common\RaRegistry.exe [2009-10-06 185632]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe [2009-10-06 212256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
Wireless Utility.lnk - C:\Program Files (x86)\Edimax\Common\RaUI.exe
C:\Users\Raiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
bZeOblCB.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-08-26 18:29:04 ----D---- C:\rsit
2013-08-26 18:29:04 ----D---- C:\Program Files\trend micro
2013-08-26 16:55:14 ----D---- C:\FRST
2013-08-26 16:19:29 ----D---- C:\AdwCleaner
2013-08-26 15:16:22 ----A---- C:\Windows\ntbtlog.txt
2013-08-26 12:24:07 ----D---- C:\{004CD426-71E6-E28F-541B-C5B67521AFD4}
2013-08-26 12:15:51 ----D---- C:\Users\Raiden\AppData\Roaming\Dirty
2013-08-17 10:55:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-14 22:38:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-14 22:38:11 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-14 22:38:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-14 22:38:09 ----A---- C:\Windows\system32\iesetup.dll
2013-08-14 22:38:09 ----A---- C:\Windows\system32\iernonce.dll
2013-08-14 22:38:09 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-14 22:38:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-14 22:38:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:38:08 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-14 22:38:07 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 22:38:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-14 22:38:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 22:38:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-14 22:38:05 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 22:38:04 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 22:38:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-14 22:38:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-14 22:38:02 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 22:38:01 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 22:38:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-14 22:38:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-14 22:37:59 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 22:37:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-14 22:37:54 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 22:37:52 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 22:37:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-14 16:41:51 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 16:41:51 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 16:41:49 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 16:41:49 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-14 16:41:49 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-14 16:41:49 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 16:41:49 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 16:41:49 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 16:41:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-14 16:41:36 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 16:41:31 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 16:41:30 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-14 16:41:30 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 16:41:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 16:41:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-14 16:41:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-14 16:41:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-14 16:41:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 16:41:22 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 16:41:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-14 16:41:21 ----A---- C:\Windows\system32\wow64.dll
2013-08-14 16:41:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-14 16:41:19 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-14 16:41:19 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-14 16:41:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-14 16:41:16 ----A---- C:\Windows\system32\rdpcorets.dll
2013-08-14 16:41:16 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 16:41:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
======List of files/folders modified in the last 1 month======
2013-08-26 18:29:04 ----RD---- C:\Program Files
2013-08-26 18:29:00 ----D---- C:\Windows\Temp
2013-08-26 17:54:08 ----D---- C:\Windows\system32\config
2013-08-26 17:15:43 ----D---- C:\Users\Raiden\AppData\Roaming\ICQ
2013-08-26 17:15:37 ----D---- C:\Users\Raiden\AppData\Roaming\uTorrent
2013-08-26 17:13:44 ----D---- C:\ProgramData\NVIDIA
2013-08-26 16:55:18 ----D---- C:\Windows
2013-08-26 16:48:18 ----D---- C:\Windows\inf
2013-08-26 16:20:21 ----RD---- C:\Program Files (x86)
2013-08-26 16:20:21 ----HD---- C:\ProgramData
2013-08-26 15:30:27 ----D---- C:\Windows\system32\drivers
2013-08-26 13:27:46 ----D---- C:\Users\Raiden\AppData\Roaming\Seznam.cz
2013-08-26 12:56:33 ----D---- C:\Windows\system32\wfp
2013-08-26 12:56:31 ----D---- C:\Windows\system32\wbem
2013-08-26 12:55:07 ----D---- C:\Windows\Tasks
2013-08-26 12:55:07 ----D---- C:\Windows\system32\DriverStore
2013-08-26 12:55:07 ----D---- C:\Windows\system32\catroot2
2013-08-26 12:55:06 ----D---- C:\Windows\registration
2013-08-26 12:55:06 ----D---- C:\ProgramData\McAfee Security Scan
2013-08-26 12:50:15 ----SHD---- C:\System Volume Information
2013-08-26 12:41:06 ----D---- C:\Windows\Prefetch
2013-08-26 12:40:30 ----D---- C:\Windows\SoftwareDistribution
2013-08-26 12:28:51 ----D---- C:\Windows\Panther
2013-08-26 12:16:44 ----D---- C:\Program Files (x86)\ICQ7.7
2013-08-26 09:46:22 ----D---- C:\Users\Raiden\AppData\Roaming\vlc
2013-08-24 08:21:01 ----D---- C:\Windows\system32\NDF
2013-08-21 08:10:39 ----D---- C:\Windows\SysWOW64
2013-08-21 08:10:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-19 14:13:02 ----D---- C:\Windows\rescache
2013-08-18 23:11:41 ----D---- C:\Users\Raiden\AppData\Roaming\Skype
2013-08-18 08:56:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-15 18:48:10 ----RSD---- C:\Windows\assembly
2013-08-15 18:48:10 ----D---- C:\Windows\Microsoft.NET
2013-08-15 08:17:51 ----D---- C:\Windows\winsxs
2013-08-15 08:15:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-15 08:15:46 ----D---- C:\Windows\system32\cs-CZ
2013-08-15 08:15:46 ----D---- C:\Windows\System32
2013-08-15 08:15:46 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-15 08:15:45 ----D---- C:\Program Files\Internet Explorer
2013-08-15 08:15:44 ----D---- C:\Windows\AppPatch
2013-08-14 22:38:29 ----D---- C:\Windows\system32\catroot
2013-08-14 22:37:35 ----SHD---- C:\Windows\Installer
2013-08-14 22:37:35 ----HD---- C:\Config.Msi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
S0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-21 834544]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
S3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-04-30 339360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2009-10-16 439808]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-04-23 1564368]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe []
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
S2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Edimax\Common\RaRegistry.exe [2009-10-06 185632]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe [2009-10-06 212256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119529
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Please help with the Police virus
Did you read the rules? Apparently not, if after the question about the legality of your system you go ahead and post an RSIT log here as well. The rules clearly state that this forum does not tolerate software piracy and that we will not respond to cracked systems.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 3
- Joined: 26 Aug 2013 15:35
Re: Please help with the Police virus
Then I apologize, so please delete it here, thank you.
- Rudy
- Site Admin
- Posts: 119529
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Please help with the Police virus
You're welcome!