Kontrola pc po trojském koni

[morphus]

Zdravím, prosím o kontrolu pc po odstranění trojského koně. Kůň odstraněn a smazán Kasperskym, ale při kontrole antirootkitem (gmer,ru) se systém sám restartuje.

Přikládám log z RSIT, všem děkuji za pomoc


Logfile of random's system information tool 1.09 (written by random/random)
Run by Hrdonka at 2012-03-16 19:31:06
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (25%) free of 150 GB
Total RAM: 3071 MB (77% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{78200294-CA4D-4D06-B91B-0920C7B2B36E}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Hrdonka\Data aplikací\Mozilla\Firefox\Profiles\tcab5o3t.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{28D35620-51D9-11DE-9D13-2DB156D89593}:3.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, linkfilter@kaspersky.ru:9.0.0.736, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.03, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {930f1200-f5f1-4870-bac6-e233ec8e7023}:3.3.3.2, firefox@bandoo.com:5.1, engine@conduit.com:3.3.3.2, {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0, {99079a25-328f-4bd4-be04-00955acaa0a7}:4.1.0.01, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://www.searchqu.com/web?src=ffb&systemid=101&q="

"linkfilter@kaspersky.ru"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
"virtualKeyboard@kaspersky.ru"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
"KavAntiBanner@Kaspersky.ru"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]
"Description"=Zylom Games Player 1.00
"Path"=C:\Documents and Settings\All Users\Data aplikací\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
nsIZylomPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npzylomgamesplayer.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
googledesktop.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Hrdonka\Data aplikací\Mozilla\Firefox\Profiles\tcab5o3t.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{20a82645-c095-46ed-80e3-08825760534b}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Hrdonka\Data aplikací\Mozilla\Firefox\Profiles\tcab5o3t.default\searchplugins\
audio-expert.xml
bl-zbo.xml
conduit.xml
firmycz.xml
heurkacz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.xml
mapycz.xml
SearchquWebSearch.xml
vyhledvn-vide-ve-slub-youtube.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-05-15 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-08-03 202080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll [2011-04-24 86416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-12-24 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-05-15 798771]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-08-03 1471832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2006-04-07 135168]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2008-01-22 81920]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-10-11 62760]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-01-30 91432]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-03 30192]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-11-25 54672]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"USBTurboSpeed"=C:\Program Files\USBTurboSpeed\USBTurboSpeed.exe [2008-09-16 217088]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-11-29 258048]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"avp"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-03-26 19522592]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-21 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]
"iVolStartup"=C:\Program Files\iVol\iVol.exe [2005-11-09 110592]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-11 39408]
"GameXN (update)"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-12-26 347008]
"GameXN (news)"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-12-26 347008]
"GameXN"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-12-26 347008]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe [2009-04-17 1183744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-10-23 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
c:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Hrdonka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-03-19 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 2524416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-01-26 495616]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Color Calibration.lnk -
MagicTune 3.6.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\GIGABYTE\Face-wizard\addlogo.exe"="C:\Program Files\GIGABYTE\Face-wizard\addlogo.exe:*:Enabled:FW2"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe"="C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"
"C:\Program Files\ooVoo\ooVoo.exe"="C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo"
"C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe"="C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Enabled:Camfrog Client Module"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Documents and Settings\Hrdonka\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Hrdonka\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Documents and Settings\Hrdonka\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Hrdonka\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"vidc.asv2"=asusasv2.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-03-16 19:31:07 ----D---- C:\Program Files\trend micro
2012-03-16 19:31:06 ----D---- C:\rsit
2012-03-16 09:17:53 ----AD---- C:\Kaspersky Rescue Disk 10.0
2012-03-15 10:16:06 ----A---- C:\WINDOWS\system32\RootkitReveal.txt
2012-03-15 08:27:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-03-15 08:26:54 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2012-03-15 08:25:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2492386$
2012-03-15 08:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-03-15 08:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2012-03-15 08:24:30 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-03-15 08:24:29 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2012-03-15 08:16:05 ----A---- C:\WINDOWS\system32\wpa.bak
2012-03-15 07:44:42 ----D---- C:\17b1761da85e62bd62938f924bca87fd
2012-03-14 23:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2012-03-14 23:50:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2012-03-14 23:50:07 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2012-03-14 23:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 23:48:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2012-03-14 23:47:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-03-14 23:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2012-03-14 23:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2012-03-14 23:44:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2012-03-14 23:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-03-14 23:42:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-03-14 23:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-03-14 23:41:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-03-14 23:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-03-14 23:39:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2012-03-14 23:38:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2012-03-14 23:37:20 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2012-03-14 23:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2012-03-14 23:34:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2012-03-14 23:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2012-03-14 23:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2012-03-14 23:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2012-03-14 23:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2012-03-14 23:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2012-03-14 23:28:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2012-03-14 23:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2012-03-14 23:27:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2012-03-14 23:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-03-14 23:25:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2012-03-14 23:24:32 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-03-14 23:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-03-14 23:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2012-03-14 23:22:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2012-03-14 23:20:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2012-03-14 23:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2012-03-14 23:18:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2012-03-14 23:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2012-03-14 23:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-03-14 23:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-03-14 23:14:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2012-03-14 23:12:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2012-03-14 23:11:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-03-14 23:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2012-03-14 23:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2012-03-14 23:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2012-03-14 23:07:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2012-03-14 23:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2012-03-14 23:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2012-03-14 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2012-03-14 23:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2012-03-14 23:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2012-03-14 23:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2012-03-14 23:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2012-03-14 23:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2012-03-14 22:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2012-03-14 22:57:23 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-03-14 22:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2012-03-14 22:53:43 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2012-03-14 22:52:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2012-03-14 22:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB953155$
2012-03-14 22:51:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2012-03-14 22:50:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-03-14 22:48:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2647516$
2012-03-14 22:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-03-14 22:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-03-14 22:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-14 22:44:50 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-03-14 22:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2012-03-14 22:42:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2012-03-14 22:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-03-14 22:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2012-03-14 22:37:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2012-03-14 22:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-03-14 22:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2012-03-14 22:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2012-03-14 22:32:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2012-03-14 22:30:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2012-03-14 22:29:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-14 22:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2012-03-14 22:25:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2012-03-14 22:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-03-14 22:09:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2012-03-14 22:08:38 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2012-03-14 22:07:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2012-03-14 22:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2012-03-14 22:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2012-03-14 22:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-03-14 21:59:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2012-03-14 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2012-03-14 21:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2012-03-14 21:53:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2012-03-14 21:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2012-03-14 21:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2012-03-14 21:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2012-03-14 21:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2012-03-14 21:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2012-03-14 21:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-03-14 21:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2012-03-14 21:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-03-14 21:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2012-03-14 21:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2012-03-14 21:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2012-03-14 21:34:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-03-14 21:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2012-03-14 20:01:23 ----ASH---- C:\hiberfil.sys
2012-03-14 19:17:02 ----ASH---- C:\pagefile.sys
2012-03-14 18:52:23 ----D---- C:\WINDOWS\Prefetch
2012-03-14 18:30:06 ----A---- C:\WINDOWS\system32\desktop.ini
2012-03-14 18:30:06 ----A---- C:\WINDOWS\desktop.ini
2012-03-14 18:08:56 ----RA---- C:\WINDOWS\SET269.tmp
2012-03-14 18:08:53 ----RA---- C:\WINDOWS\SET25D.tmp
2012-03-14 18:08:52 ----RA---- C:\WINDOWS\SET25A.tmp
2012-03-14 17:14:39 ----RA---- C:\WINDOWS\SET268.tmp
2012-03-14 17:14:36 ----RA---- C:\WINDOWS\SET25C.tmp
2012-03-14 17:14:35 ----RA---- C:\WINDOWS\SET259.tmp
2012-03-14 09:29:33 ----A---- C:\WINDOWS\pnplog.txt
2012-03-14 09:23:14 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-03-14 09:23:14 ----A---- C:\WINDOWS\system32\irclass.dll
2012-03-14 09:22:49 ----RA---- C:\WINDOWS\SET37F.tmp
2012-03-14 09:22:46 ----RA---- C:\WINDOWS\SET373.tmp
2012-03-14 09:22:45 ----RA---- C:\WINDOWS\SET370.tmp
2012-03-14 09:21:42 ----A---- C:\WINDOWS\setuplog.txt
2012-03-13 21:17:40 ----A---- C:\WINDOWS\system32\ztvunrar39.dll
2012-03-13 21:17:40 ----A---- C:\WINDOWS\system32\ztv7z.dll
2012-03-13 21:17:39 ----D---- C:\Program Files\Trojan Remover
2012-03-13 21:17:39 ----D---- C:\Documents and Settings\Hrdonka\Data aplikací\Simply Super Software
2012-03-13 21:17:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2012-03-13 21:12:41 ----SHD---- C:\RECYCLER
2012-03-13 20:39:15 ----D---- C:\WINDOWS\temp
2012-03-13 20:27:29 ----RASHD---- C:\cmdcons
2012-03-12 19:44:59 ----D---- C:\OBnova registru
2012-03-12 18:59:46 ----D---- C:\Program Files\Common Files\Skype
2012-02-18 21:41:45 ----D---- C:\Program Files\AVTJet Impression Workshop

======List of files/folders modified in the last 1 month======

2012-03-16 19:31:07 ----RD---- C:\Program Files
2012-03-16 19:29:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2012-03-16 19:29:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\GameXN
2012-03-16 19:29:41 ----D---- C:\Documents and Settings\Hrdonka\Data aplikací\go
2012-03-16 19:28:07 ----D---- C:\WINDOWS\system32\drivers
2012-03-16 19:24:57 ----D---- C:\WINDOWS\system32\CatRoot2
2012-03-16 19:24:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-03-16 19:24:49 ----A---- C:\WINDOWS\wincmd.ini
2012-03-16 08:01:29 ----D---- C:\WINDOWS\Minidump
2012-03-16 08:01:29 ----D---- C:\WINDOWS
2012-03-15 10:18:29 ----D---- C:\WINDOWS\system32\CatRoot
2012-03-15 10:16:19 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-03-15 10:16:06 ----D---- C:\WINDOWS\system32
2012-03-15 09:03:32 ----HD---- C:\WINDOWS\inf
2012-03-15 09:03:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-15 08:31:33 ----D---- C:\WINDOWS\AppPatch
2012-03-15 08:27:45 ----A---- C:\WINDOWS\imsins.BAK
2012-03-15 08:27:42 ----D---- C:\WINDOWS\ie8updates
2012-03-15 08:27:38 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-15 08:27:33 ----D---- C:\Program Files\Internet Explorer
2012-03-15 08:27:22 ----D---- C:\WINDOWS\Help
2012-03-15 08:27:15 ----D---- C:\Documents and Settings
2012-03-15 08:27:14 ----D---- C:\Program Files\NVIDIA Corporation
2012-03-15 08:26:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-03-15 08:24:19 ----D---- C:\Program Files\Windows Media Player
2012-03-15 08:15:33 ----SD---- C:\WINDOWS\Tasks
2012-03-15 08:11:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-15 08:10:25 ----D---- C:\WINDOWS\system32\cs-cz
2012-03-15 08:08:50 ----HDC---- C:\WINDOWS\ie8
2012-03-15 07:50:33 ----D---- C:\Program Files\SmartPack
2012-03-15 07:10:43 ----D---- C:\WINDOWS\system32\wbem
2012-03-14 22:09:37 ----D---- C:\Program Files\Outlook Express
2012-03-14 22:03:40 ----D---- C:\Program Files\Movie Maker
2012-03-14 21:21:35 ----D---- C:\WINDOWS\security
2012-03-14 19:50:33 ----A---- C:\WINDOWS\ntbtlog.txt
2012-03-14 19:29:31 ----SHD---- C:\WINDOWS\Installer
2012-03-14 19:29:31 ----D---- C:\Config.Msi
2012-03-14 18:54:38 ----D---- C:\WINDOWS\SoftwareDistribution
2012-03-14 18:54:33 ----SHD---- C:\System Volume Information
2012-03-14 18:54:33 ----D---- C:\WINDOWS\system32\Restore
2012-03-14 18:54:06 ----D---- C:\WINDOWS\Registration
2012-03-14 18:38:30 ----D---- C:\WINDOWS\system32\config
2012-03-14 18:35:50 ----D---- C:\WINDOWS\repair
2012-03-14 18:31:29 ----A---- C:\WINDOWS\OEWABLog.txt
2012-03-14 18:31:22 ----A---- C:\WINDOWS\ODBCINST.INI
2012-03-14 18:31:15 ----D---- C:\WINDOWS\Debug
2012-03-14 18:30:58 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2012-03-14 18:30:56 ----D---- C:\WINDOWS\system32\ias
2012-03-14 18:30:31 ----RD---- C:\WINDOWS\Web
2012-03-14 18:30:23 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2012-03-14 18:30:12 ----A---- C:\WINDOWS\win.ini
2012-03-14 18:29:58 ----D---- C:\WINDOWS\system32\oobe
2012-03-14 18:29:37 ----D---- C:\WINDOWS\system32\Com
2012-03-14 18:09:21 ----A---- C:\WINDOWS\system.ini
2012-03-14 18:09:09 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2012-03-14 10:17:51 ----D---- C:\WINDOWS\system32\Setup
2012-03-14 10:17:51 ----D---- C:\WINDOWS\system
2012-03-14 10:17:46 ----D---- C:\WINDOWS\l2schemas
2012-03-14 10:17:45 ----D---- C:\WINDOWS\system32\usmt
2012-03-14 10:17:38 ----D---- C:\WINDOWS\ime
2012-03-14 10:17:37 ----RSD---- C:\WINDOWS\Fonts
2012-03-14 10:17:36 ----D---- C:\WINDOWS\network diagnostic
2012-03-14 10:17:36 ----D---- C:\WINDOWS\Media
2012-03-14 10:17:26 ----D---- C:\WINDOWS\PeerNet
2012-03-14 10:17:17 ----D---- C:\WINDOWS\system32\npp
2012-03-14 10:17:11 ----D---- C:\WINDOWS\msagent
2012-03-14 10:17:08 ----D---- C:\WINDOWS\system32\cs
2012-03-14 10:14:47 ----D---- C:\WINDOWS\system32\1029
2012-03-14 10:14:33 ----D---- C:\WINDOWS\twain_32
2012-03-14 10:13:51 ----D---- C:\WINDOWS\system32\icsxml
2012-03-14 10:13:26 ----D---- C:\WINDOWS\system32\1033
2012-03-14 10:12:47 ----D---- C:\WINDOWS\WinSxS
2012-03-14 10:12:47 ----D---- C:\WINDOWS\Driver Cache
2012-03-14 09:06:32 ----D---- C:\WINDOWS\ERDNT
2012-03-14 07:39:08 ----D---- C:\Program Files\Lodus
2012-03-13 20:37:06 ----D---- C:\WINDOWS\system32\drivers\etc
2012-03-13 20:33:32 ----D---- C:\Program Files\Common Files
2012-03-12 19:19:27 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-03-12 19:19:27 ----D---- C:\Program Files\Microsoft
2012-03-12 19:15:54 ----D---- C:\Program Files\Mozilla Firefox
2012-03-12 19:01:45 ----D---- C:\Documents and Settings\Hrdonka\Data aplikací\Skype
2012-03-12 18:59:46 ----RD---- C:\Program Files\Skype
2012-03-12 18:59:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-03-12 09:29:35 ----A---- C:\WINDOWS\DUMP4064.tmp
2012-03-12 09:27:25 ----A---- C:\WINDOWS\DUMP25c7.tmp
2012-03-11 18:35:51 ----A---- C:\WINDOWS\NeroDigital.ini
2012-03-10 23:16:36 ----D---- C:\Documents and Settings\Hrdonka\Data aplikací\Mozilla
2012-03-04 22:20:37 ----D---- C:\Documents and Settings\Hrdonka\Data aplikací\ICQ
2012-03-04 16:23:04 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-01 10:51:43 ----D---- C:\WINDOWS\Microsoft.NET
2012-03-01 10:51:26 ----RSD---- C:\WINDOWS\assembly
2012-03-01 09:26:13 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-19 10:11:53 ----D---- C:\Dokumenty
2012-02-18 20:50:22 ----D---- C:\Program Files\Electronic Arts
2012-02-18 20:50:20 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-18 20:16:11 ----A---- C:\WINDOWS\avisplitter.INI
2012-02-18 19:43:13 ----D---- C:\Doupe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2011-03-04 133208]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2008-02-02 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2008-02-02 82944]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-10-23 11136]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2011-03-04 11352]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-04-20 565552]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 cpuz133;cpuz133; \??\C:\WINDOWS\system32\drivers\cpuz133_x32.sys []
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 Prvflder;Prvflder; C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 70912]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-10-23 12416]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-03-05 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-26 5883936]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-21 12753664]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-03-01 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-10-23 10752]
S1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S3 ADASPROT;SYSTWEAKASO; \??\C:\Program Files\Advanced System Optimizer 3\adasprot32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-03-05 39184]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2011-03-10 34608]
S3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2005-10-21 13396]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\WINDOWS\system32\DRIVERS\sea1bus.sys [2007-02-08 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys [2007-02-08 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\sea1mdm.sys [2007-02-08 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys [2007-02-08 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\WINDOWS\system32\DRIVERS\sea1nd5.sys [2007-02-08 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\sea1obex.sys [2007-02-08 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\WINDOWS\system32\DRIVERS\sea1unic.sys [2007-02-08 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-01-26 12028032]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 USBTurboSpeed;USBTurboSpeed; C:\WINDOWS\System32\drivers\USBTurboSpeed.sys [2008-07-03 24576]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-10-23 262144]
R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-03-30 143360]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-02-07 20543]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-03-30 131131]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-03-30 65599]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-21 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 1488128]
R2 prfldsvc;Private Folder Service; C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe [2006-04-21 69632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-10-15 243056]
R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-05 194104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-03 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Log vypadá OK. PC funguje normálně?

[morphus]

Log vypadá OK. PC funguje normálně?

JJ při testech zatím pc vypadá ok, pouze mi je divnej ten restart při spuštění antirootkitů.

[Rudy]

OK. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[morphus]

Kompletní kontrola MBAM, nic nenašel a to je právě divné, že by snad nějaká nová potvora zůstala v pc?


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2012.03.17.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Hrdonka :: HRDONKA [administrátor]

17.3.2012 14:45:31
mbam-log-2012-03-17 (14-45-31).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 461907
Uplynulý čas: 1 hodin, 22 minut, 10 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Rudy]

prověříme no rootkit. Provedte sken GMER: http://forum.viry.cz/viewtopic.php?f=29&t=62878 a dejte oba logy.

[morphus]

prověříme no rootkit. Provedte sken GMER: http://forum.viry.cz/viewtopic.php?f=29&t=62878 a dejte oba logy.

To je právě ten problém, ihned po spuštění se pc restartuje .

[morphus]

prověříme no rootkit. Provedte sken GMER: http://forum.viry.cz/viewtopic.php?f=29&t=62878 a dejte oba logy.

To je právě ten problém, ihned po spuštění se pc restartuje .

[Rudy]

V nouz. režimu také?

[morphus]

V nouzáku šel spustit, zde jsou logy.
log 1 prázdný a zde je log 2

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-18 00:12:51
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000087 SAMSUNG_HD321KJ rev.CP100-12
Running: gmer.exe; Driver: C:\DOCUME~1\Hrdonka\LOCALS~1\Temp\pwrdipog.sys


---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG12.00.00.01PROFESSIONAL 2C63CB108F195ADCA147A756C4895214A43B7AD8B8F0A3948E3A45BA8C55F541CA5063602545655DADAC5E78A26FC75A8C3B118628C1B4B3B7D69F0FF6AA6157320834C1D2D6502148CE9EC0BD0C4A64ED862FEE018DAD08EBD1EED80317892F679B26A0705B8A75AD20AD0536A0B638541193EF48E67B712CC0129DBB1D072281E252CBAEE5F94DA85A81FD7E715F80649433CBD5627B7391FC99CAFEC365AAAB7987F98F10F73A1BF7C5C961C80B0B520E3629581A0233C6A54B2D7E15256AA83FC84269F351787A3B5A69F6F073C7EA3F7A124EAAD5FD0B1C21FABEA039234C55CB9FE83246FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB34529FD5A742BDB36BC8EE0FDB107B5802256B1E05E5F6834ED614718E652ABF4D90CDDEFBF506C5C0C907A3664D60A4B42578398D42FA3C1A2FEBEE71F39704E76B185F06B81522D3AF0A31EEE826D71CD220254FF010B457259776263182A5E142220E3FBC76484EA71281AFD2A093EF2795E1E63B72D3701E045F4A6733F1F407B1B765671A0857505E75A72C884F6A0E3207B4234456CEF34314BE92D2875F2132B97B515308A03E55829ACC7AD54C6A73BB5CDA0B4AE5748B9229E16E5EE16BB2884648D9C15BF9F

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Documents and Settings\All Users\Data aplikací\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Documents and Settings\All Users\Data aplikací\Adobe\Updater5\AdobeESDGlobalApps.xml 281 bytes

---- EOF - GMER 1.0.15 ----

[Rudy]

Rootkit nemáte, log je OK.

[morphus]

Děkuji za pomoc, takže když spadne systém při spuštění gmeru normálně, není to tím, že v systému něco je, ale chybou gmeru?
Jinak to padání systému je chyba BAD_POOL_HEADER, způsobená ovladačem pwrdipog.sys - nikde v kompu jsem ho nenašel a ani na netu taky není žádná zmínka.
Hold to nechám, když komp jde.

Díky za pomoc

[Rudy]

Ovladač pwrdipog.sys je ovladač GMERu (viz log GMER). Pokud byste pozoroval nějaká anomálie v chodu PC, dejte vědět.