Can't do anything, Safe Mode doesn't work.

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Can't do anything, Safe Mode doesn't work.

#1 Post by bozacek »

While I was browsing in Mozilla, a Java update prompt appeared. I ticked "do not show again" and clicked Cancel. Nothing happened for a moment, and then a white screen popped up with the message: "This program cannot display the webpage." I couldn't do anything, so Ctrl+Alt+Del and restart. The system boots normally, but before any icon appears on the desktop, that screen pops up again and I can't do anything at all apart from that three-key combination. I tried restarting into Safe Mode. It loads and loads, and then suddenly, click: logging off, shutting down. So I'm going a bit crazy over this. I don't know what to do. Please advise. I'd like to thrash the cretins who come up with this... :evil:

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Can't do anything, Safe Mode doesn't work.

#2 Post by Rudy »

Hello!
Also try Last Known Good Configuration.
Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Re: Can't do anything, Safe Mode doesn't work.

#3 Post by bozacek »

I tried everything. No success!

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Re: Can't do anything, Safe Mode doesn't work.

#4 Post by bozacek »

Sorry, I forgot that... Win 7

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Re: Can't do anything, Safe Mode doesn't work.

#5 Post by bozacek »

But I don't have XP....

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Re: Can't do anything, Safe Mode doesn't work.

#6 Post by bozacek »

It took me a while to figure it out :-D after all, I'm only a user, but it's scanning now!

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Re: Can't do anything, Safe Mode doesn't work.

#7 Post by bozacek »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-05-2013
Ran by Božáček (administrator) on 30-05-2013 19:48:33
Running from H:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Farbar) H:\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [2918656 2011-01-12] (ESET)
HKLM\...\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [4910912 2011-08-02] (DT Soft Ltd)
HKCU\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-09-28] (Samsung)
HKCU\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59872 2012-12-17] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872 2012-12-17] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59872 2012-12-17] (Apple Inc.)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Božáček\AppData\Roaming\skype.dat [106496 2010-11-21] () <==== ATTENTION
MountPoints2: F - F:\Dexter_setup.exe
MountPoints2: {79d7b76e-d6d9-11e0-aa02-806e6f6e6963} - F:\BlueBirds.exe
MountPoints2: {dfc9d0cf-f0f6-11e0-85a4-0019dbb2d703} - F:\setup.exe
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [CTSysVol] C:\Program Files (x86)\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe /r [57344 2005-10-31] (Creative Technology Ltd)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [684024 2012-10-17] (Cisco Systems, Inc.)
Startup: C:\Users\Božáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Božáček\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ironpu ... 1298386547
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ironpu ... 1298386547
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ironpu ... 1298386547
HKLM SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... 1298386547
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... 1298386547
HKLM-x32 SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... 1298386547
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... 1298386547
HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... 1298386547
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... 1298386547
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {D9C30C36-2228-4596-B945-ADF04C5D557B} URL = http://websearch.ask.com/redirect?clien ... 86C9330807
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {390C7E87-153C-12DB-2EA6-0BB301EB26E9} - No File
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
PDF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
PDF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
PDF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
PDF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{9BEC1AFF-2F08-4EEC-9912-7F4203BDCDE3}: [NameServer]194.228.41.65,194.228.41.113

FireFox:
========
FF ProfilePath: C:\Users\Božáček\AppData\Roaming\Mozilla\Firefox\Profiles\cyrw37cg.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Funmoods.com - C:\Users\Božáček\AppData\Roaming\Mozilla\Firefox\Profiles\cyrw37cg.default\Extensions\ffxtlbr@funmoods.com
FF Extension: No Name - C:\Users\Božáček\AppData\Roaming\Mozilla\Firefox\Profiles\cyrw37cg.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR RestoreOnStartup: "hxxp://www.seznam.cz/", "hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzy0D0B0BtB0DyBtDtAyC0EyBtAtN0D0Tzu0StBtAyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1298386547"
CHR DefaultSearchURL: (Seznam) - http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: (Seznam) - http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Bo\u017E\u00E1\u010Dek\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Bo\u017E\u00E1\u010Dek\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Bo\u017E\u00E1\u010Dek\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Funmoods) - C:\Users\Božáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.4_0
CHR Extension: (YouTube) - C:\Users\Božáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Božáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Božáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0
CHR Extension: (Gmail) - C:\Users\Božáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S2 ciscod.exe; C:\Program Files (x86)\Cisco\Cisco HostScan\bin\ciscod.exe [60920 2012-10-17] (Cisco Systems, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2011-01-12] (ESET)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2011-01-12] (ESET)
S2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-02-17] ()

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-09-17] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-07] (DT Soft Ltd)
S2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [170640 2010-12-21] (ESET)
S3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [34144 2010-12-21] (ESET)
S2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-12-21] (ESET)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-09-17] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-09-10] (PixArt Imaging Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 NgFilter; system32\DRIVERS\ngfilter.sys [x]
S3 NgLog; system32\DRIVERS\nglog.sys [x]
S3 NgVpn; system32\DRIVERS\ngvpn.sys [x]
S3 NgWfp; system32\DRIVERS\ngwfp.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-30 19:48 - 2013-05-30 19:48 - 00000000 ____D C:\FRST
2013-05-30 16:02 - 2013-05-30 17:05 - 00000004 ____A C:\Users\Božáček\AppData\Roaming\skype.ini
2013-05-27 19:19 - 2013-05-27 19:19 - 00001055 ____A C:\Users\Božáček\Desktop\Love Chronicles Salvation Collectors.lnk
2013-05-27 19:19 - 2013-05-27 19:19 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\VendelGAMES
2013-05-27 18:00 - 2013-05-27 18:00 - 00016987 ____A C:\Users\Božáček\Downloads\23638670B9B7E0F7FA54388CDF9F4266BF27BD3C.torrent
2013-05-27 18:00 - 2013-05-27 18:00 - 00016987 ____A C:\Users\Božáček\Downloads\23638670B9B7E0F7FA54388CDF9F4266BF27BD3C (2).torrent
2013-05-27 18:00 - 2013-05-27 18:00 - 00016987 ____A C:\Users\Božáček\Downloads\23638670B9B7E0F7FA54388CDF9F4266BF27BD3C (1).torrent
2013-05-24 15:28 - 2013-05-24 15:28 - 00074901 ____A C:\Users\Božáček\Downloads\facebook_profile.zip
2013-05-24 10:49 - 2013-05-24 14:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-22 14:21 - 2013-05-22 15:16 - 501201156 ____A C:\Users\Božáček\Downloads\PATEK-TO-JE-DEN-(-FRIDAY-)--supr-komedie-NOVINKY-CZ-DAB.avi
2013-05-22 10:52 - 2013-05-22 10:52 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\HBM-Games
2013-05-16 15:48 - 2013-05-16 15:48 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ssadadb_01005.Wdf
2013-05-15 14:57 - 2013-05-15 14:57 - 03820336 ____A C:\Users\Božáček\Downloads\battlelog-web-plugins_2.1.3_109.exe
2013-05-09 17:54 - 2013-05-09 17:54 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\Organic 2 Digital
2013-05-07 08:53 - 2013-05-07 08:53 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2013-05-02 20:44 - 2013-05-30 16:58 - 00000948 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-02 20:44 - 2013-05-30 15:49 - 00000952 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-02 16:03 - 2013-05-02 16:03 - 00001562 ____A C:\Users\Božáček\Desktop\SB.exe – zástupce.lnk
2013-05-02 16:03 - 2013-05-02 16:03 - 00000000 ____D C:\Users\Božáček\AppData\Local\SmallBasic
2013-05-02 16:03 - 2013-05-02 16:03 - 00000000 ____D C:\Program Files (x86)\SmallBasic
2013-05-02 16:01 - 2013-05-02 16:01 - 01800750 ____A C:\Program Files (x86)\net2ftp-1367503222.zip
2013-04-30 10:23 - 2013-04-30 12:46 - 1362715334 ____A C:\Users\Božáček\Downloads\ZIVOT-BROUKA---kreslene-pro-deti.avi

==================== One Month Modified Files and Folders =======

2013-05-30 19:48 - 2013-05-30 19:48 - 00000000 ____D C:\FRST
2013-05-30 17:05 - 2013-05-30 16:02 - 00000004 ____A C:\Users\Božáček\AppData\Roaming\skype.ini
2013-05-30 17:05 - 2011-09-04 11:40 - 01330769 ____A C:\Windows\WindowsUpdate.log
2013-05-30 16:58 - 2013-05-02 20:44 - 00000948 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-30 16:58 - 2013-04-19 17:52 - 00000000 ___RD C:\Users\Božáček\Dropbox
2013-05-30 16:58 - 2013-04-19 17:49 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\Dropbox
2013-05-30 16:58 - 2011-09-04 15:22 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\Skype
2013-05-30 16:57 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-30 16:57 - 2009-07-14 06:51 - 00185630 ____A C:\Windows\setupact.log
2013-05-30 16:46 - 2009-07-14 06:45 - 00021504 ____A C:\Windows\System32\umstartup.etl
2013-05-30 16:03 - 2012-02-24 15:17 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\uTorrent
2013-05-30 15:49 - 2013-05-02 20:44 - 00000952 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-29 15:12 - 2012-10-15 11:11 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2013-05-28 21:03 - 2009-07-14 06:45 - 00022528 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-28 21:03 - 2009-07-14 06:45 - 00022528 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-28 20:45 - 2013-03-09 17:05 - 00001917 ____A C:\Users\Božáček\Documents\TombRaider.log
2013-05-28 17:04 - 2011-09-04 15:38 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-28 17:04 - 2011-09-04 15:38 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-05-28 17:04 - 2011-09-04 15:37 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-05-28 13:25 - 2011-09-04 15:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-28 13:25 - 2011-09-04 15:21 - 00000000 ____D C:\ProgramData\Skype
2013-05-27 19:19 - 2013-05-27 19:19 - 00001055 ____A C:\Users\Božáček\Desktop\Love Chronicles Salvation Collectors.lnk
2013-05-27 19:19 - 2013-05-27 19:19 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\VendelGAMES
2013-05-27 18:00 - 2013-05-27 18:00 - 00016987 ____A C:\Users\Božáček\Downloads\23638670B9B7E0F7FA54388CDF9F4266BF27BD3C.torrent
2013-05-27 18:00 - 2013-05-27 18:00 - 00016987 ____A C:\Users\Božáček\Downloads\23638670B9B7E0F7FA54388CDF9F4266BF27BD3C (2).torrent
2013-05-27 18:00 - 2013-05-27 18:00 - 00016987 ____A C:\Users\Božáček\Downloads\23638670B9B7E0F7FA54388CDF9F4266BF27BD3C (1).torrent
2013-05-27 17:30 - 2010-11-21 11:27 - 00634308 ____A C:\Windows\System32\perfh005.dat
2013-05-27 17:30 - 2010-11-21 11:27 - 00122898 ____A C:\Windows\System32\perfc005.dat
2013-05-27 17:30 - 2009-07-14 07:13 - 01478586 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-27 10:59 - 2011-09-04 14:18 - 00000000 ____D C:\Users\Božáček\Documents\Soubory aplikace Outlook
2013-05-25 10:42 - 2011-09-29 16:03 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-05-25 10:42 - 2010-11-21 05:47 - 00231356 ____A C:\Windows\PFRO.log
2013-05-24 15:28 - 2013-05-24 15:28 - 00074901 ____A C:\Users\Božáček\Downloads\facebook_profile.zip
2013-05-24 14:30 - 2013-05-24 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-24 11:59 - 2011-09-10 15:54 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\ERS Game Studios
2013-05-22 15:16 - 2013-05-22 14:21 - 501201156 ____A C:\Users\Božáček\Downloads\PATEK-TO-JE-DEN-(-FRIDAY-)--supr-komedie-NOVINKY-CZ-DAB.avi
2013-05-22 10:52 - 2013-05-22 10:52 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\HBM-Games
2013-05-20 20:29 - 2011-09-04 15:25 - 00000000 ____D C:\Users\Božáček\AppData\Local\Apple Computer
2013-05-20 18:18 - 2011-09-04 18:33 - 00000000 ____D C:\Users\Božáček\Documents\GTA San Andreas User Files
2013-05-20 12:20 - 2012-04-05 17:53 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\AlawarEntertainment
2013-05-17 17:46 - 2013-03-21 12:35 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\ShamanGS
2013-05-17 13:42 - 2012-06-05 15:05 - 00002052 ___AH C:\Users\Božáček\Documents\Default.rdp
2013-05-16 15:48 - 2013-05-16 15:48 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ssadadb_01005.Wdf
2013-05-15 14:57 - 2013-05-15 14:57 - 03820336 ____A C:\Users\Božáček\Downloads\battlelog-web-plugins_2.1.3_109.exe
2013-05-14 18:54 - 2011-11-17 18:08 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\YoudaGames
2013-05-11 19:14 - 2013-02-23 16:08 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\8floor
2013-05-11 15:55 - 2011-10-23 09:22 - 00000000 ____D C:\Program Files (x86)\rajce
2013-05-09 17:54 - 2013-05-09 17:54 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\Organic 2 Digital
2013-05-07 20:39 - 2012-11-03 20:00 - 00000414 ____A C:\Windows\SysWOW64\AppLog.log
2013-05-07 19:15 - 2009-07-14 07:08 - 00032594 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-07 19:15 - 2009-07-14 06:45 - 00413816 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-07 18:30 - 2011-09-04 13:12 - 00115824 ____A C:\Users\Božáček\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-07 17:08 - 2011-09-04 13:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-07 08:53 - 2013-05-07 08:53 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2013-05-04 08:46 - 2011-09-16 22:05 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-05-02 16:03 - 2013-05-02 16:03 - 00001562 ____A C:\Users\Božáček\Desktop\SB.exe – zástupce.lnk
2013-05-02 16:03 - 2013-05-02 16:03 - 00000000 ____D C:\Users\Božáček\AppData\Local\SmallBasic
2013-05-02 16:03 - 2013-05-02 16:03 - 00000000 ____D C:\Program Files (x86)\SmallBasic
2013-05-02 16:01 - 2013-05-02 16:01 - 01800750 ____A C:\Program Files (x86)\net2ftp-1367503222.zip
2013-05-01 10:37 - 2013-03-07 20:53 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-05-01 10:37 - 2013-03-07 20:47 - 00000000 ____D C:\Users\Božáček\AppData\Roaming\Tunngle
2013-04-30 12:46 - 2013-04-30 10:23 - 1362715334 ____A C:\Users\Božáček\Downloads\ZIVOT-BROUKA---kreslene-pro-deti.avi

Other Malware:
===========
C:\Users\Božáček\AppData\Roaming\skype.dat
C:\Users\Božáček\AppData\Roaming\skype.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-24 09:59

==================== End Of Log ============================

bozacek
Visitor
Posts: 16
Registered: 30 May 2013 16:15

Re: Can't do anything, Safe Mode doesn't work.

#8 Post by bozacek »

You are brilliant people. I love you... it's running again :| . I'm off to scan the system with the antivirus... I'm surprised that NOD32 didn't catch it. Thank you very, very much!
Attachments
pack.zip
(17.8 KiB) Downloaded 57 times
