
Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 14:46
by kristynkai7
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2013 02
Ran by Tomáš (administrator) on DOMA on 07-09-2013 15:40:41
Running from C:\Documents and Settings\Tomáš\Plocha
Systém Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Opera Software) C:\Program Files\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13880424 2011-01-07] (NVIDIA Corporation)
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [17331200 2008-10-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
HKCU\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Administrator\...\Run: [OEXPRESS] - C:\WINDOWS\OETRN.EXE [ 2007-04-12] ()
HKU\Administrator\...\RunOnce: [spchecker] - "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/OnlineScanner.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\38phtk9w.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [avg@igeared] C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

========================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-08] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R1 kbfilter; C:\Windows\System32\Drivers\kbfilter.sys [12856 2002-07-11] (WayTech Development, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-01-04] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-09-07] (Malwarebytes Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2004-07-17] ()
R3 SMBios; C:\Windows\System32\DRIVERS\SMBios.sys [36484 2004-06-07] (Intel Corporation)
S3 ZD1211U(ZyDAS); C:\Windows\System32\DRIVERS\zd1211u.sys [259584 2004-12-22] (ZyDAS Technology Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-07 15:39 - 2013-09-07 15:39 - 01081843 _____ (Farbar) C:\Documents and Settings\Tomáš\Plocha\FRST.exe
2013-09-07 15:29 - 2013-09-07 15:29 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-09-07 15:15 - 2013-09-07 15:15 - 02218636 _____ C:\Documents and Settings\Tomáš\Plocha\tdsskiller.zip
2013-09-07 15:14 - 2013-09-07 15:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Tomáš\Plocha\tdsskiller.exe
2013-09-07 15:04 - 2013-09-07 15:04 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha\Původní data aplikace Firefox
2013-09-07 14:36 - 2013-09-07 14:36 - 00047901 _____ C:\ComboFix.txt
2013-09-07 14:04 - 2013-09-07 14:05 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-07 13:41 - 2013-09-07 14:32 - 00004116 _____ C:\WINDOWS\setupapi.log
2013-09-07 13:34 - 2013-09-07 13:34 - 00000000 _RSHD C:\cmdcons
2013-09-07 13:34 - 2011-05-28 19:26 - 00000211 _____ C:\Boot.bak
2013-09-07 13:34 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2013-09-07 13:31 - 2013-09-07 14:36 - 00000000 ____D C:\Qoobox
2013-09-07 13:31 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-09-07 13:31 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-09-07 13:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-09-07 13:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-09-07 13:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-09-07 13:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-09-07 13:31 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-09-07 13:31 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-09-07 13:31 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-09-07 13:30 - 2013-09-07 14:30 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-07 13:29 - 2013-09-07 13:29 - 03940154 _____ C:\Documents and Settings\Tomáš\Dokumenty\obnova site.bmp
2013-09-07 13:13 - 2013-09-07 13:13 - 05120615 ____R (Swearware) C:\Documents and Settings\Tomáš\Plocha\ComboFix.exe
2013-09-07 12:57 - 2013-09-07 12:57 - 00000000 ____D C:\_OTL
2013-09-07 12:51 - 2013-09-07 12:51 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Tomáš\Plocha\OTL.exe
2013-09-07 12:48 - 2013-09-07 12:48 - 00000735 _____ C:\Documents and Settings\Tomáš\Plocha\JRT.txt
2013-09-07 12:39 - 2013-09-07 12:39 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-07 12:36 - 2013-09-07 12:36 - 01028823 _____ (Thisisu) C:\Documents and Settings\Tomáš\Plocha\JRT.exe
2013-09-07 12:26 - 2013-09-07 12:27 - 00000000 ____D C:\AdwCleaner
2013-09-07 12:24 - 2013-09-07 12:24 - 01037222 _____ C:\Documents and Settings\Tomáš\Plocha\adwcleaner.exe
2013-09-07 12:16 - 2013-09-07 12:19 - 00004907 _____ C:\UsbFix [Clean 1] DOMA.txt
2013-09-07 12:03 - 2013-09-07 12:03 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Documents and Settings\Tomáš\Plocha\UsbFix.exe
2013-09-07 12:02 - 2013-09-07 12:19 - 00000000 ____D C:\UsbFix
2013-09-07 11:14 - 2009-12-01 15:18 - 00002258 ____N C:\eula.txt
2013-09-07 11:08 - 2013-09-07 11:08 - 00164352 ____N C:\kk.zip
2013-09-07 11:04 - 2013-09-07 11:04 - 00000906 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_DN_09072013_110414.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001442 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_110309.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001033 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_110322.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00000951 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_PR_09072013_110347.txt
2013-09-07 10:53 - 2013-09-07 10:53 - 00000972 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_105341.txt
2013-09-07 10:51 - 2013-09-07 10:51 - 00001708 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_D_09072013_105159.txt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001664 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_105041.txt
2013-09-07 10:36 - 2013-09-07 10:36 - 00001631 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_103652.txt
2013-09-07 10:31 - 2013-09-07 10:51 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha\RK_Quarantine
2013-09-07 10:18 - 2013-09-07 10:18 - 00918016 _____ C:\Documents and Settings\Tomáš\Plocha\RogueKiller.exe
2013-09-07 09:16 - 2013-09-07 09:16 - 00000000 ____D C:\rsit
2013-09-07 09:15 - 2013-09-07 09:15 - 00781383 _____ C:\Documents and Settings\Tomáš\Plocha\RSIT.exe
2013-08-17 15:40 - 2013-09-07 08:48 - 00000000 ____D C:\Documents and Settings\Tomáš\Data aplikací\vlc
2013-08-17 15:33 - 2013-08-17 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\návody tv

==================== One Month Modified Files and Folders =======

2013-09-07 15:39 - 2013-09-07 15:39 - 01081843 _____ (Farbar) C:\Documents and Settings\Tomáš\Plocha\FRST.exe
2013-09-07 15:39 - 2007-11-03 22:53 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha
2013-09-07 15:32 - 2007-04-05 18:24 - 01104076 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-07 15:31 - 2013-08-07 15:41 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-09-07 15:31 - 2007-04-05 20:17 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-07 15:31 - 2007-04-05 20:17 - 00000048 _____ C:\WINDOWS\wiaservc.log
2013-09-07 15:31 - 2007-04-05 18:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-07 15:30 - 2007-04-05 18:33 - 00032510 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-07 15:29 - 2013-09-07 15:29 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-09-07 15:15 - 2013-09-07 15:15 - 02218636 _____ C:\Documents and Settings\Tomáš\Plocha\tdsskiller.zip
2013-09-07 15:15 - 2013-09-07 15:14 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Tomáš\Plocha\tdsskiller.exe
2013-09-07 15:13 - 2007-04-05 18:23 - 00000000 ____D C:\WINDOWS\system32\Restore
2013-09-07 15:04 - 2013-09-07 15:04 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha\Původní data aplikace Firefox
2013-09-07 14:47 - 2012-07-01 08:39 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-07 14:37 - 2007-04-05 18:33 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-09-07 14:36 - 2013-09-07 14:36 - 00047901 _____ C:\ComboFix.txt
2013-09-07 14:36 - 2013-09-07 13:31 - 00000000 ____D C:\Qoobox
2013-09-07 14:32 - 2013-09-07 13:41 - 00004116 _____ C:\WINDOWS\setupapi.log
2013-09-07 14:32 - 2001-10-25 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-09-07 14:31 - 2007-04-05 20:13 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-09-07 14:31 - 2007-04-05 20:13 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-09-07 14:31 - 2007-04-05 20:12 - 24379392 _____ C:\WINDOWS\system32\config\software.bak
2013-09-07 14:31 - 2007-04-05 20:12 - 07864320 _____ C:\WINDOWS\system32\config\system.bak
2013-09-07 14:31 - 2007-04-05 20:12 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2013-09-07 14:30 - 2013-09-07 13:30 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-07 14:30 - 2007-07-14 20:14 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-09-07 14:21 - 2007-11-03 22:53 - 00000000 __RHD C:\Documents and Settings\Tomáš\Data aplikací
2013-09-07 14:05 - 2013-09-07 14:04 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-07 14:02 - 2007-04-05 18:26 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-09-07 13:34 - 2013-09-07 13:34 - 00000000 _RSHD C:\cmdcons
2013-09-07 13:34 - 2007-04-05 20:12 - 00000327 __RSH C:\boot.ini
2013-09-07 13:29 - 2013-09-07 13:29 - 03940154 _____ C:\Documents and Settings\Tomáš\Dokumenty\obnova site.bmp
2013-09-07 13:29 - 2007-11-03 22:53 - 00000000 ___RD C:\Documents and Settings\Tomáš\Dokumenty
2013-09-07 13:13 - 2013-09-07 13:13 - 05120615 ____R (Swearware) C:\Documents and Settings\Tomáš\Plocha\ComboFix.exe
2013-09-07 12:57 - 2013-09-07 12:57 - 00000000 ____D C:\_OTL
2013-09-07 12:51 - 2013-09-07 12:51 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Tomáš\Plocha\OTL.exe
2013-09-07 12:48 - 2013-09-07 12:48 - 00000735 _____ C:\Documents and Settings\Tomáš\Plocha\JRT.txt
2013-09-07 12:39 - 2013-09-07 12:39 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-07 12:36 - 2013-09-07 12:36 - 01028823 _____ (Thisisu) C:\Documents and Settings\Tomáš\Plocha\JRT.exe
2013-09-07 12:27 - 2013-09-07 12:26 - 00000000 ____D C:\AdwCleaner
2013-09-07 12:27 - 2007-11-03 22:53 - 00000000 ___HD C:\DOCUME~1\TOM~1\LOCALS~1\Data aplikací
2013-09-07 12:27 - 2007-04-05 20:14 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-07 12:24 - 2013-09-07 12:24 - 01037222 _____ C:\Documents and Settings\Tomáš\Plocha\adwcleaner.exe
2013-09-07 12:19 - 2013-09-07 12:16 - 00004907 _____ C:\UsbFix [Clean 1] DOMA.txt
2013-09-07 12:19 - 2013-09-07 12:02 - 00000000 ____D C:\UsbFix
2013-09-07 12:03 - 2013-09-07 12:03 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Documents and Settings\Tomáš\Plocha\UsbFix.exe
2013-09-07 11:45 - 2007-04-05 18:33 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-09-07 11:25 - 2007-04-05 18:33 - 00000000 ____D C:\Documents and Settings\Administrator
2013-09-07 11:08 - 2013-09-07 11:08 - 00164352 ____N C:\kk.zip
2013-09-07 11:04 - 2013-09-07 11:04 - 00000906 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_DN_09072013_110414.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001442 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_110309.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001033 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_110322.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00000951 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_PR_09072013_110347.txt
2013-09-07 10:53 - 2013-09-07 10:53 - 00000972 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_105341.txt
2013-09-07 10:51 - 2013-09-07 10:51 - 00001708 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_D_09072013_105159.txt
2013-09-07 10:51 - 2013-09-07 10:31 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha\RK_Quarantine
2013-09-07 10:50 - 2013-09-07 10:50 - 00001664 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_105041.txt
2013-09-07 10:36 - 2013-09-07 10:36 - 00001631 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_103652.txt
2013-09-07 10:26 - 2012-10-09 14:08 - 00092708 _____ C:\Documents and Settings\Tomáš\Dokumenty\odkazi od andrei nové.txt
2013-09-07 10:19 - 2011-10-10 21:32 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\Tom
2013-09-07 10:19 - 2007-04-15 16:05 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-09-07 10:18 - 2013-09-07 10:18 - 00918016 _____ C:\Documents and Settings\Tomáš\Plocha\RogueKiller.exe
2013-09-07 09:16 - 2013-09-07 09:16 - 00000000 ____D C:\rsit
2013-09-07 09:16 - 2010-04-26 20:20 - 00000000 ____D C:\Program Files\trend micro
2013-09-07 09:15 - 2013-09-07 09:15 - 00781383 _____ C:\Documents and Settings\Tomáš\Plocha\RSIT.exe
2013-09-07 08:48 - 2013-08-17 15:40 - 00000000 ____D C:\Documents and Settings\Tomáš\Data aplikací\vlc
2013-09-07 06:45 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-05 22:48 - 2007-11-04 13:56 - 00000000 ___SD C:\Documents and Settings\Tomáš\UserData
2013-09-05 22:48 - 2007-11-03 22:53 - 00000000 ____D C:\Documents and Settings\Tomáš
2013-09-05 22:22 - 2012-03-21 09:36 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\Stažené soubory
2013-08-30 09:48 - 2013-08-07 15:41 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00177864 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-08-07 15:41 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-08-07 15:40 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-18 16:41 - 2012-05-11 10:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-17 15:40 - 2007-04-05 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-08-17 15:34 - 2013-08-17 15:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-17 14:51 - 2011-09-03 08:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\návody tv

Files to move or delete:
====================
C:\DOCUME~1\TOM~1\LOCALS~1\Temp\6A77AC30-2CBD-4596-8C65-68EDEDC1DC97.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 1032704 ____A (Microsoft Corporation) 53114d57ab73a406ac7f602227781a99

C:\Windows\System32\winlogon.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0502272 ____A (Microsoft Corporation) 221c29ae1b4cc61d11d8b27de78b2307

C:\Windows\System32\svchost.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0014336 ____A (Microsoft Corporation) dfba2915b0bf58abb288cd4c9318cb3f

C:\Windows\System32\services.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0108544 ____A (Microsoft Corporation) 6e401e61f952fbbf708afbecefafae81

C:\Windows\System32\User32.dll
[2004-08-17 15:49] - [2004-08-17 15:49] - 0577024 ____A (Microsoft Corporation) 1b4ccc59980da34e75f20e42b283b027

C:\Windows\System32\userinit.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0024576 ____A (Microsoft Corporation) 836f7960362ff95c5d49e40b891f2cfc

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 15:44] - [2004-08-17 15:44] - 0052480 ____A (Microsoft Corporation) cd8cce067f7e9cbd762c00bdddecaa34


==================== End Of Log ============================

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 14:46
by kristynkai7
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2013 02
Ran by Tomáš at 2013-09-07 15:41:50
Running from C:\Documents and Settings\Tomáš\Plocha
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Czech (Version: 10.1.7)
Aktualizace systému Windows XP (KB898461) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB921883) (Version: 1)
Altap Salamander 2.51 (Version: 2.51)
ArcSoft PhotoStudio 5.5
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
avast! Free Antivirus (Version: 8.0.1497.0)
BitLord 1.1 (Version: 1.1)
Canon MP Drivers 7.0
Canon MP Navigator 1.1
Canon ScanGear Starter
Canon Utilities Easy-PhotoPrint
CCleaner (Version: 4.01)
Commander 1.29
Corel Applications
Defraggler (Version: 2.03)
Easy-WebPrint
HD Tune 2.55
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HijackThis 2.0.2 (Version: 2.0.2)
InterVideo WinDVD (Version: 5.0-B11.333)
Malwarebytes Anti-Malware verze 1.75.0.1300 (Version: 1.75.0.1300)
Media Key
Microsoft Office Access MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Groove MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office InfoPath MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office OneNote MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Outlook MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Office Proof (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Slovak) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Publisher MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Software Update for Web Folders (Czech) 12 (Version: 12.0.4518.1025)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 cs) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero Suite
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA nView 135.50 (Version: 135.50)
NVIDIA nView Desktop Manager (Version: 6.14.10.13550)
NVIDIA Ovladače grafiky 266.58 (Version: 266.58)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA Systémový software PhysX 9.10.0514 (Version: 9.10.0514)
OmniPage SE 2.0 (Version: 2.00.0004)
OpenOffice.org 3.3 (Version: 3.3.9567)
Opera 12.16 (Version: 12.16.1860)
Opera 9.24 (Version: 9.24)
Ovládací panel NVIDIA 266.58 (Version: 266.58)
PC Translator
PDFCreator (Version: 0.9.6)
PowerArchiver 2006 v9.64 Czech (Version: 9.64)
PSPad editor
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.23.0000)
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.70)
Realtek High Definition Audio Driver (Version: 5.10.0.5730)
SecondLife (remove only)
SUPERAntiSpyware (Version: 5.0.1118)
swMSM (Version: 12.0.0.1)
TopStyle Lite (Version 3.0) (Version: 3.1.0)
UsbFix By El Desaparecido
Visual C++ 8.0 Runtime Setup Package (Version: 1.0.0.0)
VLC media player 2.0.8 (Version: 2.0.8)
WebFldrs XP (Version: 9.50.7523)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Media Format Runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.20 (32-bit) (Version: 4.20.0)


==================== Restore Points =========================

07-09-2013 13:13:42 Kontrolní bod systému

==================== Hosts content: ==========================

2001-10-25 14:00 - 2013-09-07 14:32 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Loaded Modules (whitelisted) =============

2006-10-22 12:22 - 2011-01-08 05:27 - 01958400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2011-01-07 20:58 - 2011-01-07 20:58 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVRSCS.DLL
2013-09-07 10:48 - 2013-09-07 08:48 - 02098176 _____ () C:\Program Files\AVAST Software\Avast\defs\13090700\algo.dll
2011-07-19 02:02 - 2011-07-19 02:02 - 00113024 _____ (SuperAdBlocker.com) C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
2007-04-11 06:09 - 2004-08-16 22:00 - 00116736 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM6f.DLL
2008-10-19 17:05 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2007-04-11 06:09 - 2004-08-16 22:00 - 00017920 _____ (CANON INC.) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6f.DLL
2007-04-07 18:10 - 2003-06-19 01:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
2013-05-27 20:14 - 2006-10-26 19:56 - 00033104 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\msonpppr.dll
2013-01-10 16:56 - 2013-08-07 15:58 - 16192864 _____ (Opera Software) C:\Program Files\Opera\Opera.dll
2004-08-17 15:49 - 2004-08-17 15:49 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-08-07 15:55 - 2013-08-07 15:55 - 16166280 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Documents and Settings\Tomáš\Dokumenty\Thumbs.db:encryptable

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2013 01:45:43 PM) (Source: Application Error) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.2180, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x6f8917c2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])

Error: (09/07/2013 01:26:17 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace opera.exe, verze 12.16.1860.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/18/2013 04:55:50 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace opera.exe, verze 12.16.1860.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/12/2013 10:13:22 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace miranda32.exe, verze 0.8.0.1, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/12/2013 10:13:20 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace miranda32.exe, verze 0.8.0.1, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (12/14/2012 00:25:41 PM) (Source: Application Error) (User: )
Description: Chybující aplikace , verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x6f8917c2.
Zpracování události, specifické pro médium ([!ws!])

Error: (10/09/2012 06:25:37 PM) (Source: ESENT) (User: )
Description: Catalog Database (1692) Databáze C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb byla částečně odpojena. Při aktualizaci záhlaví databáze došlo k chybě -1032.

Error: (10/09/2012 06:25:37 PM) (Source: ESENT) (User: )
Description: Catalog Database (1692) Pro soubor C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb nelze zapsat stínové záhlaví. Chyba -1032

Error: (10/09/2012 06:25:37 PM) (Source: ESENT) (User: )
Description: svchost (1692) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/29/2012 11:47:00 AM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace opera.exe, verze 12.0.1467.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


System errors:
=============
Error: (09/07/2013 03:32:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:32:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:32:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:32:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:32:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:32:02 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:32:02 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:31:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:31:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 03:31:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 1023.23 MB
Available physical RAM: 544.23 MB
Total Pagefile: 2465.12 MB
Available Pagefile: 2056.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:130.51 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 30273026)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 14:55
by stell
Open Notepad and copy the whole text below into it:

Start
C:\DOCUME~1\TOM~1\LOCALS~1\Temp\6A77AC30-2CBD-4596-8C65-68EDEDC1DC97.exe
HKU\Administrator\...\RunOnce: [spchecker] - "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
Toolbar: HKCU -No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/OnlineScanner.cab
FF HKLM\...\Firefox\Extensions: [avg@igeared] C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
2013-09-07 11:04 - 2013-09-07 11:04 - 00000906 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_DN_09072013_110414.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001442 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_110309.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001033 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_110322.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00000951 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_PR_09072013_110347.txt
2013-09-07 10:53 - 2013-09-07 10:53 - 00000972 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_105341.txt
2013-09-07 10:51 - 2013-09-07 10:51 - 00001708 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_D_09072013_105159.txt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001664 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_105041.txt
2013-09-07 10:36 - 2013-09-07 10:36 - 00001631 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_103652.txt
2013-09-07 10:31 - 2013-09-07 10:51 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha\RK_Quarantine
2013-09-07 10:18 - 2013-09-07 10:18 - 00918016 _____ C:\Documents and Settings\Tomáš\Plocha\RogueKiller.exe
End
Then click File -> Save As... -> and in the File name field type: fixlist.txt
For the file type, select All files
And save it in EXACTLY the same place where you have the FRST.exe program
Run FRST.exe, but this time click the FIX button
Paste the Fixlog.txt log here.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 14:59
by kristynkai7
I have FRST on the desktop, so the fixlist goes on the desktop, and I don't drag it onto the program as with ComboFix, I just run FRST and click Fix


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2013 02
Ran by Tomáš at 2013-09-07 16:01:08 Run:1
Running from C:\Documents and Settings\Tomáš\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\DOCUME~1\TOM~1\LOCALS~1\Temp\6A77AC30-2CBD-4596-8C65-68EDEDC1DC97.exe
HKU\Administrator\...\RunOnce: [spchecker] - "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
Toolbar: HKCU -No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/OnlineScanner.cab
FF HKLM\...\Firefox\Extensions: [avg@igeared] C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
2013-09-07 11:04 - 2013-09-07 11:04 - 00000906 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_DN_09072013_110414.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001442 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_110309.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00001033 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_110322.txt
2013-09-07 11:03 - 2013-09-07 11:03 - 00000951 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_PR_09072013_110347.txt
2013-09-07 10:53 - 2013-09-07 10:53 - 00000972 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_105341.txt
2013-09-07 10:51 - 2013-09-07 10:51 - 00001708 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_D_09072013_105159.txt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001664 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_105041.txt
2013-09-07 10:36 - 2013-09-07 10:36 - 00001631 _____ C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_103652.txt
2013-09-07 10:31 - 2013-09-07 10:51 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha\RK_Quarantine
2013-09-07 10:18 - 2013-09-07 10:18 - 00918016 _____ C:\Documents and Settings\Tomáš\Plocha\RogueKiller.exe
End
*****************

C:\DOCUME~1\TOM~1\LOCALS~1\Temp\6A77AC30-2CBD-4596-8C65-68EDEDC1DC97.exe => Moved successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Prev Search Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_search_url => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value deleted successfully.
HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.
HKCR\CLSID\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B} => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\avg@igeared => Value deleted successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_DN_09072013_110414.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_110309.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_110322.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_PR_09072013_110347.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_H_09072013_105341.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_D_09072013_105159.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_105041.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RKreport[0]_S_09072013_103652.txt => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RK_Quarantine => Moved successfully.
C:\Documents and Settings\Tomáš\Plocha\RogueKiller.exe => Moved successfully.

==== End of Fixlog ====



Edit:

Some of the icons have disappeared from the desktop, the reports and other things that were created during the cleanup. I hope that is correct and that I haven't broken anything. I can see in the script that it touched things on the desktop, but I'd rather ask.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 15:11
by stell
Everything is OK.
Continue like this:
1: Use T-Cleaner
Instructions from my colleague vyosek.
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Download and run it
To confirm a choice, press A, Enter
Delete the utility after use
Antivirus programs may wrongly flag this utility as a virus. It is a false alarm, so go ahead and download it (or turn off the antivirus while downloading)
2: Turn off System Restore >> restart the computer and turn System Restore back on.
3: Install these updates:
http://www.microsoft.com/cs-cz/download ... x?id=17457
http://www.microsoft.com/cs-cz/download ... px?id=3205

4: Install this program
http://www.viruskasino.com/p/blog-page_6.html

Try it out and write how the PC is running.
Recommendation:
You do not have SERVICE PACK-3 installed
It needs to be installed
You need to install a firewall alongside AVAST, but without another AV program.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 15:51
by kristynkai7
So T-Cleaner has been used, System Restore turned off and on, both updates installed, and the Malwarebytes Anti-Exploit program installed.

The computer seems to be running fine so far, I hope. I don't know exactly how to tell, but avast isn't reporting anything, so we'll see.

Unfortunately I am aware of the Service Pack 3 issue. It has been installed about 3 times. First the son of the computer's owners installed it and it ended in restarts, so he did a clean install (Windows SP2 from CD) and then added SP3 afterwards, and it restarted again. So they gave it to the company that built the computer (it is from 2005, but some of the components have been replaced, because faulty power supplies took the motherboard, the disk and other parts to silicon heaven). They installed Windows SP2 there and then slapped SP3 on, and again restarts, so they tried an integrated CD (some nLite thing) that included SP3 and all the updates, and it still reset. They closed it by saying that the motherboard drivers are incompatible, so it would run on SP2, and when there are new ones (if there are) SP3 can be installed. It is about a year and a half since the power supply died and took the motherboard with it, so the board is new, and I don't know whether it might therefore work now. I don't have the courage to try it after people who do computers for a living couldn't get it to work, so what could I manage? Mostly I am afraid that if it ended in restarts I wouldn't know how to reinstall the system. The CD is probably here somewhere and the labels are on the case at the bottom, the number is there, but because the computer has a SATA disk, a driver is supposedly needed during installation, and I don't know how to do that. There is also a floppy drive, but it doesn't work, it is disconnected, so the SATA disk driver would have to be integrated into the bootable Windows CD (at least that is what people who know more about it than I do said). Sorry for the novel :?:

As for the firewall: there was a licence for AVG Internet Security here (some discounted one), but everyone said to use avast free instead, so I installed avast free. With the firewall I didn't know which one to pick: Kerio is dead (Sunbelt), ZoneAlarm was in English, I considered Comodo FW, but I don't know whether I could handle it, and they bundle a lot of things with it (antivirus and more, I haven't seen Comodo on its own any more). I would welcome advice on a good firewall that is undemanding (for the user), simply foolproof, so that I don't mess it up.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 15:59
by kristynkai7
I also emptied the Malwarebytes and avast quarantines (so they don't crawl back out in the end :D )

There is probably no point in scanning the computer again with avast and co. I'll see whether avast speaks up on its own.

PS: I don't know how the computer got infected, whether through a hole (a security vulnerability), or whether I clicked something away somewhere, or whether something came in on a USB flash drive. Any advice on how to prevent it? I scan USB flash drives and other media with AV and antispyware, but apparently that is not enough. Marek (the owners' son) was here recently and he had a problem that his USB flash drive wouldn't open, so it was formatted, because he has a Mac (Apple, I don't know which version, Lion probably) and when he brought a USB drive from a friend it wouldn't open for him. Could that be it? There aren't many viruses on the Mac, but it was copied onto from Windows, so maybe that way, oh dear.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 16:01
by kristynkai7
The most important thing last:

Thank you very, very much for your help and patience with me, once again thank you so much. I'm sorry that you spent one of the last nice days like this because of me, but thank you very much for it. I'm sending a kiss :turned: and wish you a nice rest of the weekend and the nicest possible weather, thank you :oops:

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 16:27
by stell
Conficker is a terribly resilient worm. As I see it, this is a completely new variant, because not even the special anti-Conficker programs recognized it. It spreads via USB. UsbFix has now vaccinated your removable media, USB sticks, etc., so you will be left in peace.
Do not allow other people's USB devices to be connected to the computer.

Install this firewall
http://www.majorgeeks.com/files/details ... _plus.html
It is a good firewall
The link is where I gave it to you.
Download@MajorGeeks

DO NOT USE Internet Explorer, only when absolutely necessary.
If SP3 can't be installed, then it can't.

Then autorun and autoplay need to be turned off; here are the instructions on my blog
http://www.viruskasino.com/2011/04/opra ... n-autoplay
If anything comes up, write.
You're welcome.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 18:43
by kristynkai7
Sorry that I'm only writing now, but I jinxed it. The PC Tools firewall installation did not go well: just before the end of the installation there was a hard reset, and after booting a blue screen. I also tried Last Known Good Configuration, but it didn't help, and an attempt to uninstall in Safe Mode didn't work either. In the end System Restore helped, but it threw quite a lot of things off. I don't really know what to do next. Malwarebytes Anti-Exploit has disappeared, and I don't know whether the updates I was supposed to install are installed, since I went back to a restore point :cry: . So the PC is running now, but I will probably need advice and to find out where the mistake was. But no more PC Tools firewall, please. I thought I would never get it running again :cry: :cry: :cry:

The blue screens had STOP errors
0x000000F4
0c 00005
c000021a {Z
or something like that, I couldn't really keep up and I was shaking with fear :cry: oh dear, and it had already looked so fine :cry:


Edit:
I found out that Internet Explorer doesn't work (it already didn't work before the firewall installation). I don't use it, but I'd rather mention it.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 18:57
by stell
Hm, so it really is an old clunker. Have a look here >> Start >> Control Panel, Add/Remove Programs, whether PC Tools Firewall is there; if so, uninstall it.

Then tick Show updates at the top and check whether you have these updates there
KB894391
KB958644
If so, then OK,
and post a new log from FRST.exe

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 19:05
by stell
Internet Explorer
1: Open Internet Explorer.
2: Click the Tools menu and then select Internet Options...
3: Now click the Connections tab.
4: Now click the LAN Settings button.
5: You will now be in the network (LAN) settings
6: Untick the box Use a proxy server for your LAN. Then press OK.
Done.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 19:07
by kristynkai7
This is roughly how the SP3 installation used to end up. Anyway, I know it's an old tin can, but it's the only thing I have. At home I have a pentium r, I think with 192MB RAM and Win 98, so this is a super cannon for me :cry:

PC Tools FW is not in Add/Remove Programs, and it probably couldn't be uninstalled anyway (in Safe Mode it ended with a blue screen)
Of the updates, only this one is there: KB894391. The other one is not.

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 19:07
by kristynkai7
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2013 03
Ran by Tomáš (administrator) on DOMA on 07-09-2013 20:03:35
Running from C:\Documents and Settings\Tomáš\Plocha
Systém Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [17331200 2008-10-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
HKCU\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Administrator\...\Run: [OEXPRESS] - C:\WINDOWS\OETRN.EXE [ 2007-04-12] ()

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/OnlineScanner.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\38phtk9w.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

========================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-08] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R1 kbfilter; C:\Windows\System32\Drivers\kbfilter.sys [12856 2002-07-11] (WayTech Development, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-01-04] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-09-07] (Malwarebytes Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2004-07-17] ()
R3 SMBios; C:\Windows\System32\DRIVERS\SMBios.sys [36484 2004-06-07] (Intel Corporation)
S3 ZD1211U(ZyDAS); C:\Windows\System32\DRIVERS\zd1211u.sys [259584 2004-12-22] (ZyDAS Technology Corporation)
S4 IntelIde; No ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-07 20:02 - 2013-09-07 20:02 - 01081941 _____ (Farbar) C:\Documents and Settings\Tomáš\Plocha\FRST.exe
2013-09-07 19:28 - 2013-09-07 19:28 - 00000000 ____D C:\1b735d05094cd480c1336f71
2013-09-07 19:25 - 2013-09-07 19:25 - 00065536 _____ C:\WINDOWS\Minidump\Mini090713-03.dmp
2013-09-07 19:16 - 2013-09-07 19:23 - 00000030 _____ C:\WINDOWS\FirewallPlus3Uninstall.log
2013-09-07 19:14 - 2013-09-07 19:14 - 00065536 _____ C:\WINDOWS\Minidump\Mini090713-02.dmp
2013-09-07 19:11 - 2013-09-07 19:11 - 00065536 _____ C:\WINDOWS\Minidump\Mini090713-01.dmp
2013-09-07 19:08 - 2013-09-07 19:28 - 00000000 ____D C:\Program Files\PC Tools Firewall Plus
2013-09-07 16:38 - 2013-09-07 19:31 - 00000472 _____ C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job
2013-09-07 16:38 - 2013-09-07 19:28 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit
2013-09-07 16:37 - 2013-09-07 16:37 - 01962968 _____ (Malwarebytes ) C:\Documents and Settings\Tomáš\Dokumenty\mbae-setup-0.9.2.1200.exe
2013-09-07 16:31 - 2013-09-07 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958644$
2013-09-07 16:28 - 2013-09-07 16:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB894391$
2013-09-07 16:26 - 2013-09-07 16:26 - 02085104 _____ (Microsoft Corporation) C:\Documents and Settings\Tomáš\Dokumenty\WindowsXP-KB894391-x86-CSY.exe
2013-09-07 16:26 - 2013-09-07 16:26 - 00656240 _____ (Microsoft Corporation) C:\Documents and Settings\Tomáš\Dokumenty\WindowsXP-KB958644-x86-CSY.exe
2013-09-07 16:14 - 2013-09-07 16:14 - 00165888 _____ C:\Documents and Settings\Tomáš\Dokumenty\T-Cleaner.exe
2013-09-07 15:04 - 2013-09-07 15:04 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\Původní data aplikace Firefox
2013-09-07 14:04 - 2013-09-07 14:05 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-07 13:34 - 2013-09-07 13:34 - 00000000 _RSHD C:\cmdcons
2013-09-07 13:34 - 2011-05-28 19:26 - 00000211 _____ C:\Boot.bak
2013-09-07 13:34 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2013-09-07 13:31 - 2013-09-07 16:17 - 00000000 ____D C:\Qoobox
2013-09-07 13:29 - 2013-09-07 13:29 - 03940154 _____ C:\Documents and Settings\Tomáš\Dokumenty\obnova site.bmp
2013-09-07 12:39 - 2013-09-07 12:39 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-07 11:14 - 2009-12-01 15:18 - 00002258 ____N C:\eula.txt
2013-09-07 11:08 - 2013-09-07 11:08 - 00164352 ____N C:\kk.zip
2013-08-17 15:40 - 2013-09-07 17:25 - 00000000 ____D C:\Documents and Settings\Tomáš\Data aplikací\vlc
2013-08-17 15:33 - 2013-08-17 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\návody tv

==================== One Month Modified Files and Folders =======

2013-09-07 20:03 - 2007-04-05 18:24 - 01125203 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-07 20:02 - 2013-09-07 20:02 - 01081941 _____ (Farbar) C:\Documents and Settings\Tomáš\Plocha\FRST.exe
2013-09-07 20:02 - 2007-11-03 22:53 - 00000000 ____D C:\Documents and Settings\Tomáš\Plocha
2013-09-07 19:47 - 2012-07-01 08:39 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-07 19:34 - 2007-11-03 22:53 - 00000000 ___RD C:\Documents and Settings\Tomáš\Dokumenty
2013-09-07 19:32 - 2013-08-07 15:41 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-09-07 19:31 - 2013-09-07 16:38 - 00000472 _____ C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job
2013-09-07 19:31 - 2007-04-05 20:17 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-07 19:31 - 2007-04-05 20:17 - 00000048 _____ C:\WINDOWS\wiaservc.log
2013-09-07 19:31 - 2007-04-05 18:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-07 19:30 - 2007-11-03 22:53 - 00000000 ____D C:\Documents and Settings\Tomáš
2013-09-07 19:30 - 2007-04-05 18:33 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-09-07 19:30 - 2007-04-05 18:33 - 00000000 ____D C:\Documents and Settings\Administrator
2013-09-07 19:30 - 2007-04-05 18:30 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-09-07 19:29 - 2007-04-05 18:22 - 00000000 ____D C:\WINDOWS\Registration
2013-09-07 19:28 - 2013-09-07 19:28 - 00000000 ____D C:\1b735d05094cd480c1336f71
2013-09-07 19:28 - 2013-09-07 19:08 - 00000000 ____D C:\Program Files\PC Tools Firewall Plus
2013-09-07 19:28 - 2013-09-07 16:38 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit
2013-09-07 19:28 - 2007-11-04 13:56 - 00000000 ___SD C:\Documents and Settings\Tomáš\UserData
2013-09-07 19:27 - 2007-04-05 18:33 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-09-07 19:25 - 2013-09-07 19:25 - 00065536 _____ C:\WINDOWS\Minidump\Mini090713-03.dmp
2013-09-07 19:25 - 2007-04-05 20:05 - 52944896 _____ C:\WINDOWS\MEMORY.DMP
2013-09-07 19:23 - 2013-09-07 19:16 - 00000030 _____ C:\WINDOWS\FirewallPlus3Uninstall.log
2013-09-07 19:22 - 2007-04-05 18:33 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2013-09-07 19:22 - 2007-04-05 18:33 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2013-09-07 19:14 - 2013-09-07 19:14 - 00065536 _____ C:\WINDOWS\Minidump\Mini090713-02.dmp
2013-09-07 19:11 - 2013-09-07 19:11 - 00065536 _____ C:\WINDOWS\Minidump\Mini090713-01.dmp
2013-09-07 19:11 - 2007-12-04 08:37 - 00000000 ____D C:\WINDOWS\Minidump
2013-09-07 19:03 - 2007-04-05 18:33 - 00032510 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-07 17:25 - 2013-08-17 15:40 - 00000000 ____D C:\Documents and Settings\Tomáš\Data aplikací\vlc
2013-09-07 17:14 - 2012-10-09 14:08 - 00092791 _____ C:\Documents and Settings\Tomáš\Dokumenty\odkazi od andrei nové.txt
2013-09-07 16:38 - 2007-04-05 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-09-07 16:37 - 2013-09-07 16:37 - 01962968 _____ (Malwarebytes ) C:\Documents and Settings\Tomáš\Dokumenty\mbae-setup-0.9.2.1200.exe
2013-09-07 16:31 - 2013-09-07 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958644$
2013-09-07 16:31 - 2009-07-16 13:38 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-09-07 16:28 - 2013-09-07 16:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB894391$
2013-09-07 16:26 - 2013-09-07 16:26 - 02085104 _____ (Microsoft Corporation) C:\Documents and Settings\Tomáš\Dokumenty\WindowsXP-KB894391-x86-CSY.exe
2013-09-07 16:26 - 2013-09-07 16:26 - 00656240 _____ (Microsoft Corporation) C:\Documents and Settings\Tomáš\Dokumenty\WindowsXP-KB958644-x86-CSY.exe
2013-09-07 16:24 - 2007-04-05 18:23 - 00000000 ____D C:\WINDOWS\system32\Restore
2013-09-07 16:17 - 2013-09-07 13:31 - 00000000 ____D C:\Qoobox
2013-09-07 16:17 - 2010-04-26 20:20 - 00000000 ____D C:\Program Files\trend micro
2013-09-07 16:14 - 2013-09-07 16:14 - 00165888 _____ C:\Documents and Settings\Tomáš\Dokumenty\T-Cleaner.exe
2013-09-07 15:04 - 2013-09-07 15:04 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\Původní data aplikace Firefox
2013-09-07 14:32 - 2001-10-25 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-09-07 14:31 - 2007-04-05 20:13 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-09-07 14:31 - 2007-04-05 20:13 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-09-07 14:31 - 2007-04-05 20:12 - 24379392 _____ C:\WINDOWS\system32\config\software.bak
2013-09-07 14:31 - 2007-04-05 20:12 - 07864320 _____ C:\WINDOWS\system32\config\system.bak
2013-09-07 14:31 - 2007-04-05 20:12 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2013-09-07 14:30 - 2007-07-14 20:14 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-09-07 14:21 - 2007-11-03 22:53 - 00000000 __RHD C:\Documents and Settings\Tomáš\Data aplikací
2013-09-07 14:05 - 2013-09-07 14:04 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-07 14:02 - 2007-04-05 18:26 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-09-07 13:34 - 2013-09-07 13:34 - 00000000 _RSHD C:\cmdcons
2013-09-07 13:34 - 2007-04-05 20:12 - 00000327 __RSH C:\boot.ini
2013-09-07 13:29 - 2013-09-07 13:29 - 03940154 _____ C:\Documents and Settings\Tomáš\Dokumenty\obnova site.bmp
2013-09-07 12:39 - 2013-09-07 12:39 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-07 12:27 - 2007-11-03 22:53 - 00000000 ___HD C:\DOCUME~1\TOM~1\LOCALS~1\Data aplikací
2013-09-07 12:27 - 2007-04-05 20:14 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-07 11:08 - 2013-09-07 11:08 - 00164352 ____N C:\kk.zip
2013-09-07 10:19 - 2011-10-10 21:32 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\Tom
2013-09-07 10:19 - 2007-04-15 16:05 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-09-07 06:45 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-05 22:22 - 2012-03-21 09:36 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\Stažené soubory
2013-08-30 09:48 - 2013-08-07 15:41 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00177864 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-08-07 15:41 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-08-07 15:41 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-08-07 15:40 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-18 16:41 - 2012-05-11 10:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-17 15:34 - 2013-08-17 15:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-17 14:51 - 2011-09-03 08:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ____D C:\Documents and Settings\Tomáš\Dokumenty\návody tv

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 1032704 ____A (Microsoft Corporation) 53114d57ab73a406ac7f602227781a99

C:\Windows\System32\winlogon.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0502272 ____A (Microsoft Corporation) 221c29ae1b4cc61d11d8b27de78b2307

C:\Windows\System32\svchost.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0014336 ____A (Microsoft Corporation) dfba2915b0bf58abb288cd4c9318cb3f

C:\Windows\System32\services.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0108544 ____A (Microsoft Corporation) 6e401e61f952fbbf708afbecefafae81

C:\Windows\System32\User32.dll
[2004-08-17 15:49] - [2004-08-17 15:49] - 0577024 ____A (Microsoft Corporation) 1b4ccc59980da34e75f20e42b283b027

C:\Windows\System32\userinit.exe
[2004-08-17 15:49] - [2004-08-17 15:49] - 0024576 ____A (Microsoft Corporation) 836f7960362ff95c5d49e40b891f2cfc

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 15:44] - [2004-08-17 15:44] - 0052480 ____A (Microsoft Corporation) cd8cce067f7e9cbd762c00bdddecaa34


==================== End Of Log ============================

Re: Malwarebytes and avast detection

Posted: 07 Sep 2013 19:08
by kristynkai7
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2013 03
Ran by Tomáš at 2013-09-07 20:04:32
Running from C:\Documents and Settings\Tomáš\Plocha
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Czech (Version: 10.1.7)
Aktualizace systému Windows XP (KB894391) (Version: 1)
Aktualizace systému Windows XP (KB898461) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB921883) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958644) (Version: 1)
Altap Salamander 2.51 (Version: 2.51)
ArcSoft PhotoStudio 5.5
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
avast! Free Antivirus (Version: 8.0.1497.0)
BitLord 1.1 (Version: 1.1)
Canon MP Drivers 7.0
Canon MP Navigator 1.1
Canon ScanGear Starter
Canon Utilities Easy-PhotoPrint
CCleaner (Version: 4.01)
Commander 1.29
Corel Applications
Defraggler (Version: 2.03)
Easy-WebPrint
HD Tune 2.55
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HijackThis 2.0.2 (Version: 2.0.2)
InterVideo WinDVD (Version: 5.0-B11.333)
Malwarebytes Anti-Malware verze 1.75.0.1300 (Version: 1.75.0.1300)
Media Key
Microsoft Office Access MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Groove MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office InfoPath MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office OneNote MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Outlook MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Office Proof (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Slovak) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Publisher MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Software Update for Web Folders (Czech) 12 (Version: 12.0.4518.1025)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 cs) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero Suite
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA nView 135.50 (Version: 135.50)
NVIDIA nView Desktop Manager (Version: 6.14.10.13550)
NVIDIA Ovladače grafiky 266.58 (Version: 266.58)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA Systémový software PhysX 9.10.0514 (Version: 9.10.0514)
OmniPage SE 2.0 (Version: 2.00.0004)
OpenOffice.org 3.3 (Version: 3.3.9567)
Opera 12.16 (Version: 12.16.1860)
Opera 9.24 (Version: 9.24)
Ovládací panel NVIDIA 266.58 (Version: 266.58)
PC Translator
PDFCreator (Version: 0.9.6)
PowerArchiver 2006 v9.64 Czech (Version: 9.64)
PSPad editor
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.23.0000)
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.70)
Realtek High Definition Audio Driver (Version: 5.10.0.5730)
SecondLife (remove only)
SUPERAntiSpyware (Version: 5.0.1118)
swMSM (Version: 12.0.0.1)
TopStyle Lite (Version 3.0) (Version: 3.1.0)
UsbFix By El Desaparecido
Visual C++ 8.0 Runtime Setup Package (Version: 1.0.0.0)
VLC media player 2.0.8 (Version: 2.0.8)
WebFldrs XP (Version: 9.50.7523)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Media Format Runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.20 (32-bit) (Version: 4.20.0)


==================== Restore Points =========================

07-09-2013 14:25:09 Kontrolní bod systému
07-09-2013 14:28:41 Nainstalováno Windows XP KB894391.
07-09-2013 14:31:54 Nainstalováno Windows XP KB958644.
07-09-2013 17:27:49 Operace obnovení

==================== Hosts content: ==========================

2001-10-25 14:00 - 2013-09-07 14:32 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe

==================== Loaded Modules (whitelisted) =============

2007-04-05 18:21 - 2004-08-17 15:49 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbem\framedyn.dll
2006-10-22 12:22 - 2011-01-08 05:27 - 01958400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2011-01-07 20:58 - 2011-01-07 20:58 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVRSCS.DLL
2013-09-07 10:48 - 2013-09-07 08:48 - 02098176 _____ () C:\Program Files\AVAST Software\Avast\defs\13090700\algo.dll
2011-07-19 02:02 - 2011-07-19 02:02 - 00113024 _____ (SuperAdBlocker.com) C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
2013-08-07 16:08 - 2012-06-09 19:20 - 00167936 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2013-08-07 16:08 - 2012-07-01 20:34 - 00344064 _____ () C:\Program Files\WinRAR\rarlng.dll
2007-04-06 00:00 - 2006-12-10 12:36 - 00080896 _____ (ConeXware, Inc.) C:\Program Files\PowerArchiver\PASHLEXT.DLL
2009-03-19 20:35 - 2008-03-19 17:20 - 00009216 _____ (ALTAP) C:\Program Files\Altap Salamander 2.5\plugins\salamext.dll
2007-04-11 06:09 - 2004-08-16 22:00 - 00116736 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM6f.DLL
2008-10-19 17:05 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2007-04-11 06:09 - 2004-08-16 22:00 - 00017920 _____ (CANON INC.) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6f.DLL
2007-04-07 18:10 - 2003-06-19 01:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
2013-05-27 20:14 - 2006-10-26 19:56 - 00033104 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\msonpppr.dll
2013-01-10 16:56 - 2013-08-07 15:58 - 16192864 _____ (Opera Software) C:\Program Files\Opera\Opera.dll
2004-08-17 15:49 - 2004-08-17 15:49 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Documents and Settings\Tomáš\Dokumenty\Thumbs.db:encryptable

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2013 01:45:43 PM) (Source: Application Error) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.2180, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x6f8917c2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])

Error: (09/07/2013 01:26:17 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace opera.exe, verze 12.16.1860.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/18/2013 04:55:50 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace opera.exe, verze 12.16.1860.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/12/2013 10:13:22 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace miranda32.exe, verze 0.8.0.1, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/12/2013 10:13:20 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace miranda32.exe, verze 0.8.0.1, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (12/14/2012 00:25:41 PM) (Source: Application Error) (User: )
Description: Chybující aplikace , verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x6f8917c2.
Zpracování události, specifické pro médium ([!ws!])

Error: (10/09/2012 06:25:37 PM) (Source: ESENT) (User: )
Description: Catalog Database (1692) Databáze C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb byla částečně odpojena. Při aktualizaci záhlaví databáze došlo k chybě -1032.

Error: (10/09/2012 06:25:37 PM) (Source: ESENT) (User: )
Description: Catalog Database (1692) Pro soubor C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb nelze zapsat stínové záhlaví. Chyba -1032

Error: (10/09/2012 06:25:37 PM) (Source: ESENT) (User: )
Description: svchost (1692) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/29/2012 11:47:00 AM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace opera.exe, verze 12.0.1467.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


System errors:
=============
Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/07/2013 07:33:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 při pokusu o spuštění služby BITS s argumenty
za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 1023.23 MB
Available physical RAM: 574.57 MB
Total Pagefile: 2465.14 MB
Available Pagefile: 2064.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:130.51 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 30273026)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================