PC-HELP.CZ

Zdravim jedna se o PC rodiču, instalujou kde co najdou.Sám se vypina a sám se obnovuje system, tak se zkuste mrknout diky

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:59, on 19.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
H:\Windows\system32\taskhost.exe
H:\Windows\system32\Dwm.exe
H:\Windows\Explorer.EXE
H:\Program Files\ESET\ESET Smart Security\egui.exe
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
H:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
H:\Program Files\DAEMON Tools Lite\DTLite.exe
H:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
H:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
H:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
H:\Windows\system32\SearchFilterHost.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\PROGRA~1\FREEDO~1\fdm.exe
H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - H:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - H:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - H:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [egui] "H:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "H:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Nokia.PCSync] "H:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "H:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AutoStartNPSAgent] H:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://H:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://H:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://H:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://H:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - H:\Windows\system32\atiesrxx.exe
O23 - Service: Boonty Games - BOONTY - H:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - H:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - H:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FsUsbExService - Teruten - H:\Windows\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - H:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7379 bytes

Odinstaluj:
Daemon Tools Toolbar

v logu fixni:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Najdi a smaž H:\Windows\system32\FsUsbExService.Exe poté dej Star - Spustit - Services.msc - mezi službami najdi FsUsbExService a zakaž její automatické spouštění a fungování.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Dr Web nic nenasel

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4652

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19.9.2010 21:44:49
mbam-log-2010-09-19 (21-44-49).txt

Typ skenu: Rychlý sken
Skenované objekty: 143243
Uplynulý čas: 4 minuta(y), 54 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Stáhni si GMER
Po stažení aplikaci rozbal a spusť, probehne rychlý sken a otevře se hlavní okno programu:
pokud klikneš na tlačítko Save vpravo dole, muzeš vyexportovat první log, ktery vloziš sem.
Abychom se dostali k "hlavnímu" skenu a získaní logu z něj, ponechame v pravem sloupci zafajfkovane vsechny polozky a klikneme na tlacitko Scan
Vyčkej konce skenu (což trvá tak kolem pěti- deseti minut), pote opět klikni na tlačitko Save a vyexportuj log čislo 2,i tento log vlož sem.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-09-19 23:22:55
Windows 6.1.7600
Running: gmer.exe; Driver: H:\Users\Standa\AppData\Local\Temp\pwryqpog.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 84C731F8

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

Device \FileSystem\fastfat \Fat 8679A1F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\tdx \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-09-19 23:28:56
Windows 6.1.7600
Running: gmer.exe; Driver: H:\Users\Standa\AppData\Local\Temp\pwryqpog.sys

---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83045AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83045104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830453F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302E2D8
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830451DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83045958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830456F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83045F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830461A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C5E599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C82F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? System32\Drivers\spky.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 8E573CA0 5 Bytes JMP 85CF61D8
.text H:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x93826000, 0x2D5378, 0xE8000020]
.text at95l28z.SYS 94242000 12 Bytes [44, 08, 03, 83, EE, 06, 03, ...] {INC ESP; OR [EBX], AL; SUB ESI, 0x6; ADD EAX, [EBX-0x7cfd1860]}
.text at95l28z.SYS 9424200D 9 Bytes [E7, 02, 83, 48, 0B, 03, 83, ...] {OUT 0x2, EAX; OR DWORD [EAX+0xb], 0x3; ADD DWORD [EAX], 0x0}
.text at95l28z.SYS 94242017 170 Bytes [00, DE, 67, B2, 88, E6, 65, ...]
.text at95l28z.SYS 942420C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text at95l28z.SYS 942420CE 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text ...
.text peauth.sys 9A43FC9D 28 Bytes [8F, 10, 46, 92, 64, CA, 31, ...]
.text peauth.sys 9A43FCC1 28 Bytes [8F, 10, 46, 92, 64, CA, 31, ...]

---- User code sections - GMER 1.0.15 ----

.text H:\Program Files\ESET\ESET Smart Security\ekrn.exe[1524] kernel32.dll!SetUnhandledExceptionFilter 77633162 4 Bytes [C2, 04, 00, 00]
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!CreateWindowExW 76F30E51 5 Bytes JMP 6E688157 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!DialogBoxIndirectParamW 76F54AA7 5 Bytes JMP 6E7AF970 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!DialogBoxParamW 76F5564A 5 Bytes JMP 6E5A4BA7 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!DialogBoxParamA 76F6CF6A 5 Bytes JMP 6E7AF90D H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!DialogBoxIndirectParamA 76F6D29C 5 Bytes JMP 6E7AF9D3 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!MessageBoxIndirectA 76F7E8C9 5 Bytes JMP 6E7AF8A2 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!MessageBoxIndirectW 76F7E9C3 5 Bytes JMP 6E7AF837 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!MessageBoxExA 76F7EA29 5 Bytes JMP 6E7AF7D5 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2876] USER32.dll!MessageBoxExW 76F7EA4D 5 Bytes JMP 6E7AF773 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CreateDialogParamW 76F29BFF 5 Bytes JMP 6E5DC570 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!EnableWindow 76F2A72E 5 Bytes JMP 6E5DC4EB H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!GetAsyncKeyState 76F2C09A 5 Bytes JMP 6E59D6E9 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!UnhookWindowsHookEx 76F2CC7B 5 Bytes JMP 6E69835E H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CallNextHookEx 76F2CC8F 5 Bytes JMP 6E679D5C H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CreateWindowExW 76F30E51 5 Bytes JMP 6E688157 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!SetWindowsHookExW 76F3210A 5 Bytes JMP 6E634633 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!GetKeyState 76F34FDA 5 Bytes JMP 6E5DD762 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!IsDialogMessageW 76F36F06 5 Bytes JMP 6E5A4284 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CreateDialogParamA 76F43E79 5 Bytes JMP 6E7B0571 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!IsDialogMessage 76F4407A 5 Bytes JMP 6E7AFE12 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CreateDialogIndirectParamA 76F49110 5 Bytes JMP 6E7B05A8 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CreateDialogIndirectParamW 76F508AD 5 Bytes JMP 6E7B05DF H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxIndirectParamW 76F54AA7 5 Bytes JMP 6E7AF970 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!EndDialog 76F5555C 5 Bytes JMP 6E5A5AE9 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxParamW 76F5564A 5 Bytes JMP 6E5A4BA7 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!SetKeyboardState 76F56B52 5 Bytes JMP 6E7B0177 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!SendInput 76F57055 5 Bytes JMP 6E7B0D3C H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!SetCursorPos 76F6C1D8 5 Bytes JMP 6E7B0D94 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxParamA 76F6CF6A 5 Bytes JMP 6E7AF90D H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxIndirectParamA 76F6D29C 5 Bytes JMP 6E7AF9D3 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxIndirectA 76F7E8C9 5 Bytes JMP 6E7AF8A2 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxIndirectW 76F7E9C3 5 Bytes JMP 6E7AF837 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxExA 76F7EA29 5 Bytes JMP 6E7AF7D5 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxExW 76F7EA4D 5 Bytes JMP 6E7AF773 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!keybd_event 76F7EC9B 5 Bytes JMP 6E7B10C7 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] SHELL32.dll!SHChangeNotification_Lock + 45BA 75D4B440 4 Bytes [11, 36, C8, 6D]
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] SHELL32.dll!SHChangeNotification_Lock + 45C2 75D4B448 8 Bytes [5F, 35, C8, 6D, D0, 73, C7, ...]
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] ole32.dll!OleLoadFromStream 758E5B88 5 Bytes JMP 6E7AFCCE H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)
.text H:\Program Files\Internet Explorer\iexplore.exe[2924] ole32.dll!CoCreateInstance 759357FC 5 Bytes JMP 6E688C45 H:\Windows\system32\IEFRAME.dll (Internetový prohlížeč/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [88A2A042] \SystemRoot\System32\Drivers\spky.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [88A2A6D6] \SystemRoot\System32\Drivers\spky.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [88A2A800] \SystemRoot\System32\Drivers\spky.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [88A2A13E] \SystemRoot\System32\Drivers\spky.sys
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortNotification] 00147880
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortInitialize] 157B805E
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
IAT \SystemRoot\System32\Drivers\at95l28z.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B

---- User IAT/EAT - GMER 1.0.15 ----

IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [740C2494] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [740A5624] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [740A56E2] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [740C250F] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [740B8573] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [740B4D27] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [740B50CE] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [740B51A3] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [740B66D0] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [740B82CA] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [740B8819] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [740B907A] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [740BE21D] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Windows\Explorer.EXE[1760] @ H:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [740B4C59] H:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6DC73932] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6DC71ED3] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6DC6C028] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6DC73B9B] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6DC7595C] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6DC747A8] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6DC74EB8] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6DC71D43] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6DC6F312] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6DC71BBF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6DC706BA] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6DC6FAB6] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6DC71ED3] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6DC71A3B] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6DC70043] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6DC70CA0] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6DC73932] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6DC71BBF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6DC706BA] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6DC71BBF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6DC70CA0] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6DC72ADB] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6DC6F1BB] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6DC6F312] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6DC6FAB6] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6DC71A3B] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6DC71ED3] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6DC74EB8] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6DC747A8] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6DC6DF55] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6DC706BA] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6DC73932] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6DC6DCFA] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6DC6DE25] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6DC70571] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6DC71D43] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6DC6DBCF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6DC741F1] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6DC7595C] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6DC74735] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6DC74B56] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6DC7823A] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6DC789C0] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6DC78584] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6DC77E55] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6DC78CD4] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6DC790D9] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6DC77C72] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6DC78D26] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6DC77F8E] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6DC7794A] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6DC77D19] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6DC78898] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6DC786C0] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6DC78760] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6DC77EF3] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6DC79B99] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6DC7958E] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6DC799D2] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6DC78026] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6DC77F42] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6DC77AE4] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6DC797FC] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6DC77BD1] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6DC79C52] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6DC798B5] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6DC777ED] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6DC796FD] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6DC781EE] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6DC780BE] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6DC78286] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6DC78D75] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6DC77DBA] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6DC78F70] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6DC7892C] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6DC79A2A] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6DC792E3] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6DC79E71] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6DC78E16] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6DC77B33] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6DC79029] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6DC7789A] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6DC783BC] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6DC7861C] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6DC78A5E] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6DC78454] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6DC784EC] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6DC79974] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6DC78EBD] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6DC6D9AD] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6DC70F2A] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6DC71904] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6DC7141F] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6DC71A3B] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6DC709C2] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6DC6FAB6] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6DC6F834] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6DC6F084] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6DC727FF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6DC71BBF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6DC6F312] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6DC6EB7A] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6DC6E563] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6DC72ADB] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6DC727DA] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6DC6E901] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6DC70043] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6DC6EE02] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6DC71BBF] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6DC71A3B] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6DC79974] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6DC79916] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6DC78A0C] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6DC78D26] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6DC78E16] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6DC77D19] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6DC78FCE] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6DC79E16] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6DC79029] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6DC79E71] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [6DC77C72] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT H:\Program Files\Internet Explorer\iexplore.exe[2924] @ H:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6DC69F14] H:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 84C731F8

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

Device \FileSystem\fastfat \FatCdrom 8679A1F8

AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\volmgr \Device\VolMgrControl 84C6F1F8

AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\usbohci \Device\USBPDO-0 85CF71F8

AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\usbehci \Device\USBPDO-1 85D011F8
Device \Driver\PCI_PNP3914 \Device\00000055 spky.sys

AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

Device \Driver\volmgr \Device\HarddiskVolume1 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\cdrom \Device\CdRom0 85C0C1F8
Device \Driver\volmgr \Device\HarddiskVolume2 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\USBSTOR \Device\00000072 85C551F8
Device \Driver\volmgr \Device\HarddiskVolume3 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\cdrom \Device\CdRom1 85C0C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-3 84C711F8
Device \Driver\atapi \Device\Ide\IdePort0 84C711F8
Device \Driver\atapi \Device\Ide\IdePort1 84C711F8
Device \Driver\atapi \Device\Ide\IdePort2 84C711F8
Device \Driver\atapi \Device\Ide\IdePort3 84C711F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 84C711F8
Device \Driver\USBSTOR \Device\00000073 85C551F8
Device \Driver\volmgr \Device\HarddiskVolume4 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\cdrom \Device\CdRom2 85C0C1F8
Device \Driver\USBSTOR \Device\00000074 85C551F8
Device \Driver\volmgr \Device\HarddiskVolume5 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\USBSTOR \Device\00000075 85C551F8
Device \Driver\volmgr \Device\HarddiskVolume6 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\USBSTOR \Device\00000076 85C551F8
Device \Driver\volmgr \Device\HarddiskVolume7 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\NetBT \Device\NetBt_Wins_Export 85CB41F8
Device \Driver\volmgr \Device\HarddiskVolume8 84C6F1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 hotcore3.sys (Hotbackup helper driver/Paragon Software Group)

Device \Driver\ACPI_HAL \Device\0000004d halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

Device \Driver\sptd \Device\949126414 spky.sys
Device \Driver\usbohci \Device\USBFDO-0 85CF71F8
Device \Driver\usbehci \Device\USBFDO-1 85D011F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{BAFB8FB3-D3A6-44EA-940C-5EC78226CA6C} 85CB41F8
Device \Driver\USBSTOR \Device\0000007d 85C551F8
Device \Driver\USBSTOR \Device\0000007e 85C551F8
Device \Driver\at95l28z \Device\Scsi\at95l28z1Port4Path0Target0Lun0 85DA21F8
Device \Driver\at95l28z \Device\Scsi\at95l28z1 85DA21F8
Device \Driver\at95l28z \Device\Scsi\at95l28z1Port4Path0Target1Lun0 85DA21F8
Device \FileSystem\fastfat \Fat 8679A1F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd500717
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd500717@00226601a27f 0x3C 0xBC 0xF6 0xA2 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd500717@2021a522d9a5 0xEC 0x7A 0x95 0x5F ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd500717@e8e5d66fbeb1 0x15 0x88 0x36 0xAB ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC0 0x85 0x4A 0xD7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 H:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x60 0x98 0xC8 0x3F ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0E 0x72 0xE7 0x60 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAF 0xDE 0x17 0x6A ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd500717 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd500717@00226601a27f 0x3C 0xBC 0xF6 0xA2 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd500717@2021a522d9a5 0xEC 0x7A 0x95 0x5F ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd500717@e8e5d66fbeb1 0x15 0x88 0x36 0xAB ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC0 0x85 0x4A 0xD7 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 H:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x60 0x98 0xC8 0x3F ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0E 0x72 0xE7 0x60 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAF 0xDE 0x17 0x6A ...

---- EOF - GMER 1.0.15 ----

Stáhni Bootkit Remover

-ulož na plochu
-spusť
- pak klikni do černého okna a zkopíruj sem výsledek, případně dej screen

****************************************************************************************************************************************
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
H:\windows\System32\Drivers\spky.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
***************************************************************************************************************************************
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

příspěvek smazán , neřeší současnou situaci .jaro3

To belzebub : přečti si pravidla sekce HiJackthis:
viewtopic.php?f=70&t=29204

Bootkit Remover
(c) 2009 eSage Lab
http://www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows 7 Home Premium Edition (build 7600), 32-bit

System volume is \\.\H:
\\.\H: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

Done;
Press any key to quit...

H:\windows\System32\Drivers\spky.sys soubor nenalezen nenašel jsem ho

OTL logfile created on: 20.9.2010 16:20:22 - Run 1
OTL by OldTimer - Version 3.2.14.0 Folder = H:\Users\Standa\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 120,04 Gb Total Space | 70,02 Gb Free Space | 58,33% Space Free | Partition Type: NTFS
Drive I: | 6,92 Gb Total Space | 1,36 Gb Free Space | 19,59% Space Free | Partition Type: NTFS
Drive J: | 171,13 Gb Total Space | 53,41 Gb Free Space | 31,21% Space Free | Partition Type: NTFS
Drive N: | 953,19 Mb Total Space | 743,02 Mb Free Space | 77,95% Space Free | Partition Type: FAT

Computer Name: STANDA-PC
Current User Name: Standa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - H:\Users\Standa\Desktop\OTL.exe (OldTimer Tools)
PRC - H:\Windows\explorer.exe (Microsoft Corporation)
PRC - H:\Windows\System32\atieclxx.exe (AMD)
PRC - H:\Windows\System32\atiesrxx.exe (AMD)
PRC - H:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - H:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - H:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - H:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)

========== Modules (SafeList) ==========

MOD - H:\Users\Standa\Desktop\OTL.exe (OldTimer Tools)
MOD - H:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - H:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - H:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - H:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - H:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - H:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - H:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - H:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - H:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - H:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - H:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - H:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (FsUsbExService) -- H:\Windows\System32\FsUsbExService.Exe File not found
SRV - (Boonty Games) -- H:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (WatAdminSvc) -- H:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AMD External Events Utility) -- H:\Windows\System32\atiesrxx.exe (AMD)
SRV - (WwanSvc) -- H:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- H:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- H:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- H:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- H:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- H:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- H:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol) -- H:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- H:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- H:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- H:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- H:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- H:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- H:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- H:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- H:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- H:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV) -- H:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- H:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- H:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- H:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (SeaPort) -- H:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (ServiceLayer) -- H:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EhttpSrv) -- H:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- H:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)

========== Driver Services (SafeList) ==========

DRV - (sptd) -- H:\Windows\System32\Drivers\sptd.sys ()
DRV - (KSecPkg) -- H:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (RTL8167) -- H:\Windows\System32\drivers\Rt86win7.sys (Realtek )
DRV - (atikmdag) -- H:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (cmdide) -- H:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- H:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- H:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- H:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- H:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- H:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- H:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- H:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- H:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- H:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- H:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- H:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- H:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- H:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- H:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- H:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- H:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- H:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- H:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- H:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- H:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- H:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- H:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- H:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- H:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- H:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- H:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- H:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- H:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- H:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- H:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- H:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- H:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- H:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- H:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- H:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- H:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- H:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- H:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- H:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- H:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- H:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- H:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- H:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- H:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- H:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- H:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- H:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- H:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- H:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- H:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- H:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- H:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- H:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- H:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- H:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- H:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- H:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- H:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- H:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- H:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- H:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- H:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- H:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- H:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- H:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- H:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (FsUsbExDisk) -- H:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- H:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- H:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- H:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (epfwtdi) -- H:\Windows\System32\drivers\epfwtdi.sys (ESET)
DRV - (Epfwndis) -- H:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- H:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (easdrv) -- H:\Windows\System32\drivers\easdrv.sys (ESET)
DRV - (eamon) -- H:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (Uim_IM) -- H:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (hotcore3) -- H:\Windows\system32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (UimBus) -- H:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (pccsmcfd) -- H:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (tosporte) -- H:\Windows\System32\drivers\Tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfbd) -- H:\Windows\System32\drivers\TosRfbd.sys (TOSHIBA CORPORATION)
DRV - (tosrfnds) -- H:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Tosrfusb) -- H:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- H:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- H:\Windows\System32\drivers\TosRfhid.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- H:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfbnp) -- H:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (toshidpt) -- H:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 10 B5 CE 83 04 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - H:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - H:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [egui] H:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKCU..\Run: [fsm] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - H:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - H:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - H:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - H:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - H:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - H:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - H:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - H:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - H:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - H:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - H:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - H:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - H:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - H:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - H:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - H:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - H:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - H:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - H:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - H:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\Windows\system32\userinit.exe) - H:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - H:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - H:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - H:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - H:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - H:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - H:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - H:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - H:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1e3ed04c-7f6d-11df-ae6f-0009dd500717}\Shell - "" = AutoRun
O33 - MountPoints2\{1e3ed04c-7f6d-11df-ae6f-0009dd500717}\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found
O33 - MountPoints2\{1e3ed065-7f6d-11df-ae6f-0009dd500717}\Shell - "" = AutoRun
O33 - MountPoints2\{1e3ed065-7f6d-11df-ae6f-0009dd500717}\Shell\AutoRun\command - "" = L:\Setup.exe -- File not found
O33 - MountPoints2\{e08a2c2d-7381-11df-a73d-0009dd500717}\Shell - "" = AutoRun
O33 - MountPoints2\{e08a2c2d-7381-11df-a73d-0009dd500717}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.20 16:11:40 | 000,576,000 | ---- | C] (OldTimer Tools) -- H:\Users\Standa\Desktop\OTL.exe
[2010.09.20 16:01:50 | 000,000,000 | ---D | C] -- H:\Users\Standa\Desktop\Nová složka (2)
[2010.09.19 21:42:09 | 000,000,000 | ---D | C] -- H:\Users\Standa\DoctorWeb
[2010.09.19 21:08:26 | 000,000,000 | ---D | C] -- H:\Users\Standa\AppData\Roaming\Uniblue
[2010.09.19 21:00:35 | 000,000,000 | ---D | C] -- H:\Windows\pss
[2010.09.16 06:41:52 | 000,000,000 | ---D | C] -- H:\Program Files\2K Games
[2010.09.15 17:54:10 | 000,000,000 | ---D | C] -- H:\ProgramData\Electronic Arts
[2010.09.15 17:51:03 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Adobe AIR
[2010.09.03 09:27:37 | 000,000,000 | ---D | C] -- H:\Program Files\Puzzle Quest
[2010.09.01 18:18:02 | 000,000,000 | ---D | C] -- H:\ProgramData\Playrix Entertainment
[2010.09.01 18:15:48 | 000,000,000 | ---D | C] -- H:\Users\Standa\Documents\7Artifacts
[2010.08.29 12:07:22 | 000,000,000 | ---D | C] -- H:\Users\Standa\Desktop\Nová složka
[2010.08.27 20:23:41 | 000,000,000 | ---D | C] -- H:\Users\Standa\Documents\FIFA 09
[2010.08.27 20:21:38 | 000,000,000 | ---D | C] -- H:\Program Files\Electronic Arts
[2010.08.27 20:20:47 | 000,000,000 | ---D | C] -- H:\Users\Standa\AppData\Roaming\Leadertech
[2010.08.27 20:13:46 | 000,000,000 | ---D | C] -- H:\Program Files\EA Sports
[2010.06.05 10:12:36 | 000,047,360 | ---- | C] (VSO Software) -- H:\Users\Standa\AppData\Roaming\pcouffin.sys
[1 H:\Windows\*.tmp files -> H:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.20 16:20:15 | 003,932,160 | -HS- | M] () -- H:\Users\Standa\ntuser.dat
[2010.09.20 16:11:58 | 000,576,000 | ---- | M] (OldTimer Tools) -- H:\Users\Standa\Desktop\OTL.exe
[2010.09.20 11:47:45 | 000,000,121 | ---- | M] () -- H:\Users\Standa\AppData\Roaming\default.pls
[2010.09.20 11:27:37 | 000,014,240 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.20 11:27:37 | 000,014,240 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.20 11:24:41 | 001,473,146 | ---- | M] () -- H:\Windows\System32\PerfStringBackup.INI
[2010.09.20 11:24:41 | 000,631,116 | ---- | M] () -- H:\Windows\System32\perfh005.dat
[2010.09.20 11:24:41 | 000,615,760 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2010.09.20 11:24:41 | 000,123,556 | ---- | M] () -- H:\Windows\System32\perfc005.dat
[2010.09.20 11:24:41 | 000,107,396 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2010.09.20 11:20:28 | 000,000,006 | -H-- | M] () -- H:\Windows\tasks\SA.DAT
[2010.09.20 11:20:27 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2010.09.20 11:20:19 | 1610,113,024 | -HS- | M] () -- H:\hiberfil.sys
[2010.09.19 23:35:37 | 003,008,036 | -H-- | M] () -- H:\Users\Standa\AppData\Local\IconCache.db
[2010.09.19 23:03:38 | 000,007,597 | ---- | M] () -- H:\Users\Standa\AppData\Local\Resmon.ResmonCfg
[2010.09.19 22:56:24 | 000,000,936 | ---- | M] () -- H:\Users\Standa\Desktop\CCleaner.lnk
[2010.09.19 21:11:42 | 000,000,938 | ---- | M] () -- H:\Users\Public\Desktop\WinRAR.lnk
[2010.09.19 20:26:24 | 000,002,969 | ---- | M] () -- H:\Users\Standa\Desktop\HiJackThis.lnk
[2010.09.15 17:54:11 | 000,002,183 | ---- | M] () -- H:\Users\Public\Desktop\EA Download Manager.lnk
[2010.09.14 16:42:03 | 000,000,668 | ---- | M] () -- H:\Users\Standa\AppData\Roaming\vso_ts_preview.xml
[2010.09.07 06:06:33 | 000,001,951 | ---- | M] () -- H:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.09.07 06:01:24 | 000,524,288 | -HS- | M] () -- H:\Users\Standa\ntuser.dat{79ad5057-b05e-11df-a8a9-0021856d08f5}.TMContainer00000000000000000002.regtrans-ms
[2010.09.07 06:01:24 | 000,524,288 | -HS- | M] () -- H:\Users\Standa\ntuser.dat{79ad5057-b05e-11df-a8a9-0021856d08f5}.TMContainer00000000000000000001.regtrans-ms
[2010.09.07 06:01:24 | 000,065,536 | -HS- | M] () -- H:\Users\Standa\ntuser.dat{79ad5057-b05e-11df-a8a9-0021856d08f5}.TM.blf
[2010.09.03 09:27:48 | 000,000,984 | ---- | M] () -- H:\Users\Public\Desktop\Puzzle Quest.lnk
[2010.08.27 20:21:16 | 000,001,108 | ---- | M] () -- H:\Windows\System32\ealregsnapshot1.reg
[2010.08.27 20:17:44 | 000,001,911 | ---- | M] () -- H:\Users\Public\Desktop\FIFA 09.lnk
[1 H:\Windows\*.tmp files -> H:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.19 23:20:30 | 000,293,376 | ---- | C] () -- H:\Users\Standa\Desktop\gmer.exe
[2010.09.19 23:03:38 | 000,007,597 | ---- | C] () -- H:\Users\Standa\AppData\Local\Resmon.ResmonCfg
[2010.09.19 20:26:24 | 000,002,969 | ---- | C] () -- H:\Users\Standa\Desktop\HiJackThis.lnk
[2010.09.15 17:54:11 | 000,002,183 | ---- | C] () -- H:\Users\Public\Desktop\EA Download Manager.lnk
[2010.09.03 09:27:48 | 000,000,984 | ---- | C] () -- H:\Users\Public\Desktop\Puzzle Quest.lnk
[2010.09.03 06:03:11 | 000,524,288 | -HS- | C] () -- H:\Users\Standa\ntuser.dat{79ad5057-b05e-11df-a8a9-0021856d08f5}.TMContainer00000000000000000002.regtrans-ms
[2010.09.03 06:03:11 | 000,524,288 | -HS- | C] () -- H:\Users\Standa\ntuser.dat{79ad5057-b05e-11df-a8a9-0021856d08f5}.TMContainer00000000000000000001.regtrans-ms
[2010.09.03 06:03:11 | 000,065,536 | -HS- | C] () -- H:\Users\Standa\ntuser.dat{79ad5057-b05e-11df-a8a9-0021856d08f5}.TM.blf
[2010.08.27 20:21:16 | 000,001,108 | ---- | C] () -- H:\Windows\System32\ealregsnapshot1.reg
[2010.08.27 20:17:44 | 000,001,911 | ---- | C] () -- H:\Users\Public\Desktop\FIFA 09.lnk
[2010.07.21 12:06:06 | 000,000,576 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\AutoGK.ini
[2010.07.03 10:43:48 | 000,000,000 | ---- | C] () -- H:\Windows\tosOBEX.INI
[2010.07.03 09:03:19 | 000,110,592 | ---- | C] () -- H:\Windows\System32\FsUsbExDevice.Dll
[2010.07.03 09:03:19 | 000,036,608 | ---- | C] () -- H:\Windows\System32\FsUsbExDisk.Sys
[2010.06.24 09:50:57 | 000,003,180 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\NMM-MetaData.db
[2010.06.12 00:03:47 | 000,000,056 | -H-- | C] () -- H:\ProgramData\ezsidmv.dat
[2010.06.09 06:09:47 | 000,691,696 | ---- | C] () -- H:\Windows\System32\drivers\sptd.sys
[2010.06.08 20:03:45 | 000,000,121 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\default.pls
[2010.06.07 19:48:10 | 000,000,000 | ---- | C] () -- H:\Windows\Irremote.ini
[2010.06.05 12:49:17 | 000,011,568 | ---- | C] () -- H:\Windows\System32\drivers\UimFIO.sys
[2010.06.05 12:48:32 | 004,244,744 | ---- | C] () -- H:\Windows\System32\qtp-mt334.dll
[2010.06.05 12:48:32 | 000,247,560 | ---- | C] () -- H:\Windows\System32\prgiso.dll
[2010.06.05 12:48:32 | 000,013,576 | ---- | C] () -- H:\Windows\System32\wnaspi32.dll
[2010.06.05 10:13:29 | 000,000,668 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\vso_ts_preview.xml
[2010.06.05 10:13:12 | 000,000,034 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\pcouffin.log
[2010.06.05 10:12:37 | 000,087,608 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\inst.exe
[2010.06.05 10:12:37 | 000,007,887 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\pcouffin.cat
[2010.06.05 10:12:36 | 000,001,144 | ---- | C] () -- H:\Users\Standa\AppData\Roaming\pcouffin.inf
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- H:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- H:\Windows\System32\BWContextHandler.dll
[2009.03.03 23:54:58 | 000,073,728 | ---- | C] () -- H:\Windows\System32\RtNicProp32.dll
[2009.01.25 23:10:48 | 000,179,200 | ---- | C] () -- H:\Windows\System32\xvidvfw.dll
[2009.01.09 01:01:22 | 000,629,760 | ---- | C] () -- H:\Windows\System32\xvidcore.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- H:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- H:\Windows\System32\AgCPanelFrench.dll
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- H:\Windows\System32\drivers\StarOpen.sys
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- H:\Windows\System32\CddbCdda.dll
[2004.12.02 15:20:12 | 000,114,688 | ---- | C] () -- H:\Windows\System32\TosBtAcc.dll
[2004.09.22 10:09:06 | 000,065,536 | ---- | C] () -- H:\Windows\System32\TosCommAPI.dll
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- H:\Windows\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- H:\Windows\System32\TBTMonUI.dll
[2003.07.29 15:33:26 | 000,061,440 | ---- | C] () -- H:\Windows\System32\TosHidAPI.dll

========== LOP Check ==========

[2010.07.09 09:05:01 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Awem
[2010.07.27 08:44:42 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\BlackBean
[2010.06.09 12:58:28 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Coyotes Tale
[2010.06.12 08:14:55 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\DAEMON Tools Lite
[2010.07.09 09:03:44 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Divo Games
[2010.07.11 12:57:21 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Elladive3
[2010.06.17 19:57:40 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\ERS G-Studio
[2010.06.05 09:59:24 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\ESET
[2010.07.12 07:09:30 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Friday's games
[2010.09.14 11:41:22 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\ICQ
[2010.06.08 20:01:10 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Jpeg Resampler
[2010.08.27 20:20:47 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Leadertech
[2010.06.24 10:56:18 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Nokia
[2010.06.24 09:36:53 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Nokia Multimedia Player
[2010.06.24 09:24:11 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\PC Suite
[2010.07.03 09:03:13 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Samsung
[2010.08.19 12:23:26 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Software Informer
[2010.07.03 10:51:48 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Toshiba
[2010.09.19 21:08:26 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Uniblue
[2010.09.14 16:42:04 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Vso
[2010.07.20 11:48:16 | 000,000,000 | ---D | M] -- H:\Users\Standa\AppData\Roaming\Zoner
[2009.07.14 06:53:46 | 000,019,806 | ---- | M] () -- H:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 107 bytes -> H:\ProgramData\Temp:7B2BB690
< End of report >

OTL Extras logfile created on: 20.9.2010 16:20:22 - Run 1
OTL by OldTimer - Version 3.2.14.0 Folder = H:\Users\Standa\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 120,04 Gb Total Space | 70,02 Gb Free Space | 58,33% Space Free | Partition Type: NTFS
Drive I: | 6,92 Gb Total Space | 1,36 Gb Free Space | 19,59% Space Free | Partition Type: NTFS
Drive J: | 171,13 Gb Total Space | 53,41 Gb Free Space | 31,21% Space Free | Partition Type: NTFS
Drive N: | 953,19 Mb Total Space | 743,02 Mb Free Space | 77,95% Space Free | Partition Type: FAT

Computer Name: STANDA-PC
Current User Name: Standa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- H:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- H:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "H:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "H:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- H:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{2E10943B-27D4-4323-8BA8-5EFED1EFEECB}" = Peggle Nights Deluxe
"{2FA2D0AF-1D4E-434E-9A03-0F65C3180F20}" = Superstars® V8 Next Challenge
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4F1DCA42-2030-437C-A94E-736692A499C1}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6DBB7DD3-2161-4435-A09B-3D52A30B96B2}" = Superstars® V8 Next Challenge
"{6ECB944F-D027-4E8A-9906-70E77C005AD5}" = ESET Smart Security
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.0.0.7
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{894084B6-BC69-43B7-BF06-B93AECFEA520}" = GameSpy Comrade
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{AE4E8D53-2D05-4EB4-A1E7-FF48B8E76DDE}_is1" = AVI to 3GP 1.3
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B42F73D4-AFDA-4761-B3F4-23A872D11339}" = Morrowind
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}" = Paragon Partition Manager 9.0 Professional
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = TOSHIBA Bluetooth Stack for Windows
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D155D300-C235-44FC-981C-F7B34683439C}" = Paragon Drive Backup 8.51 Professional Trial
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Aquitania_is1" = Aquitania
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Cradle Of Persia_is1" = Cradle Of Persia
"Cradle of Rome_is1" = Cradle of Rome
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GameSpy Arcade" = GameSpy Arcade
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"Puzzle Quest: Challenge of the Warlords 1.01" = Puzzle Quest: Challenge of the Warlords 1.01
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Sea Journey_is1" = Sea Journey
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Software Informer_is1" = Software Informer 1.0 BETA
"Strong DC++ Ferrari hub edition_is1" = Strong DC++ Ferrari hub edition RC8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

pise mi to chybu V jednotce neni zadny disk. Vlozte disk do jednotky/Device/Harddisk1/DR1

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (FsUsbExService) -- H:\Windows\System32\FsUsbExService.Exe File not found
O4 - HKCU..\Run: [fsm] File not found
O13 - gopher Prefix: missing
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{1e3ed04c-7f6d-11df-ae6f-0009dd500717}\Shell - "" = AutoRun
O33 - MountPoints2\{1e3ed04c-7f6d-11df-ae6f-0009dd500717}\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found
O33 - MountPoints2\{1e3ed065-7f6d-11df-ae6f-0009dd500717}\Shell - "" = AutoRun
O33 - MountPoints2\{1e3ed065-7f6d-11df-ae6f-0009dd500717}\Shell\AutoRun\command - "" = L:\Setup.exe -- File not found
O33 - MountPoints2\{e08a2c2d-7381-11df-a73d-0009dd500717}\Shell - "" = AutoRun
O33 - MountPoints2\{e08a2c2d-7381-11df-a73d-0009dd500717}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 107 bytes -> H:\ProgramData\Temp:7B2BB690

:Files
H:\WINDOWS\System32\*.tmp 
H:\WINDOWS\*.tmp 
H:\WINDOWS\system32\*.tmp.dll 
H:\WINDOWS\system32\SET*.tmp 
H:\windows\Tasks\*.job 
H:\*.tmp
H:\Windows\System32\perfh005.dat
H:\Windows\System32\perfh009.dat
H:\Windows\System32\perfc005.dat
H:\Windows\System32\perfc009.dat
H:\Windows\tasks\SA.DAT
H:\Users\Standa\Desktop\gmer.exe
H:\ProgramData\ezsidmv.dat
H:\Windows\system32\DRIVERS\spky.sys

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[createrestorepoint]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

PC-HELP.CZ

preventivni kontrola logu +

preventivni kontrola logu +

Re: preventivni kontrola logu

Re: preventivni kontrola logu

Re: preventivni kontrola logu

Re: preventivni kontrola logu

Re: preventivni kontrola logu

Re: preventivni kontrola logu

Re: preventivni kontrola logu +

Re: preventivni kontrola logu +

Re: preventivni kontrola logu +

Re: preventivni kontrola logu +

Re: preventivni kontrola logu +