Díky, zde je log z OTL.txt:
OTL logfile created on: 9.1.2014 21:40:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dadka\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 70,70% Memory free
6,00 Gb Paging File | 5,04 Gb Available in Paging File | 83,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 203,36 Gb Free Space | 68,22% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 78,65 Gb Free Space | 80,54% Space Free | Partition Type: NTFS
Drive E: | 135,22 Gb Total Space | 132,07 Gb Free Space | 97,67% Space Free | Partition Type: NTFS
Computer Name: DADKA-PC | User Name: Dadka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.01.09 21:38:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dadka\Desktop\OTL.exe
PRC - [2014.01.08 16:12:32 | 002,486,296 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2014.01.08 16:12:32 | 001,771,544 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014.01.08 16:12:32 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2013.12.21 11:54:41 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.12.10 22:52:22 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.12.10 22:52:13 | 001,804,240 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.12.01 20:51:20 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe
PRC - [2013.12.01 20:51:20 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
PRC - [2013.12.01 20:51:20 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
PRC - [2013.11.18 21:59:36 | 000,590,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013.11.11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013.11.07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013.11.07 22:00:48 | 000,680,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013.10.28 23:24:02 | 000,729,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013.10.28 23:17:36 | 000,892,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013.09.24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2012.02.02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\ib\olycamdetect.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2007.09.04 12:51:36 | 001,346,560 | ---- | M] (Daniel Redlich Software) -- D:\DosPrint\DOSPRINT.EXE
========== Modules (No Company Name) ==========
MOD - [2014.01.08 16:12:32 | 002,486,296 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2014.01.08 16:12:32 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
MOD - [2013.12.21 11:54:40 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\7366libfoxloader.dll
MOD - [2013.03.25 15:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
========== Services (SafeList) ==========
SRV - [2014.01.08 16:12:32 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013.12.21 11:54:40 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.10 22:52:22 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.12.01 20:51:20 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2013.11.11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.09.24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2013.11.11 13:41:24 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013.11.05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013.11.04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.10.31 23:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013.10.31 22:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.10.24 22:28:32 | 000,147,768 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.10.01 00:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013.09.17 00:57:26 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.09.10 00:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.08.01 15:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.06.10 22:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" =
http://search.tb.ask.com/search/GGmain. ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://home.tb.ask.com/index.jhtml?n=77 ... tAodf3QAig
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes,DefaultScope = {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{25851F10-6B33-44D1-BC27-071577CC5E01}: "URL" =
http://encyklopedie.seznam.cz/search?q= ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{2D21DD47-0C85-4F31-B704-DBE95091A574}: "URL" =
http://www.mapy.cz/?query={searchTerms} ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{2F217AD3-52AA-43E3-ADC3-C2C48A13529D}: "URL" =
http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{4866858B-14C4-4B95-9866-0AA89EE04214}: "URL" =
http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{85F585C0-5C18-482A-9EE3-92F99751B666}: "URL" =
http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{BE31F0F4-1CD9-4B92-A073-A38180D769EC}: "URL" =
http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" =
http://search.tb.ask.com/search/GGmain. ... earchTerms}
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{E041ACB4-7A4C-434B-8704-55710478CF72}: "URL" =
http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{EA8CF067-B69F-4EBA-B21C-5A827C9B3762}: "URL" =
http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\SearchScopes\{FAB71457-0061-41EA-97D8-0907EFFA6A31}: "URL" =
http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask Search"
FF - prefs.js..browser.search.defaultenginename: "Ask Search"
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.selectedEngine: "Ask Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
www.google.cz"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014.01.08 16:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013.08.04 14:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dadka\AppData\Roaming\Mozilla\Extensions
[2013.12.12 22:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dadka\AppData\Roaming\Mozilla\Firefox\Profiles\m2g2tkm1.default\extensions
[2013.08.04 15:45:07 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Dadka\AppData\Roaming\Mozilla\Firefox\Profiles\m2g2tkm1.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.12.12 22:51:50 | 000,553,104 | ---- | M] () (No name found) -- C:\Users\Dadka\AppData\Roaming\Mozilla\Firefox\Profiles\m2g2tkm1.default\extensions\
toolbar_ORJ-V7@apn.ask.com.xpi
[2013.09.27 06:48:48 | 000,002,545 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Mozilla\Firefox\Profiles\m2g2tkm1.default\searchplugins\ask-search.xml
[2013.12.01 20:51:23 | 000,009,624 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Mozilla\Firefox\Profiles\m2g2tkm1.default\searchplugins\ask-web-search.xml
[2013.11.15 21:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.21 11:54:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
http://www.seznam.cz/?clid=12454
CHR - Extension: Dokumenty Google = C:\Users\Dadka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Dadka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Dadka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Dadka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Dadka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..\Toolbar\WebBrowser: (VideoDownloadConverter) - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Olympus ib] C:\Program Files\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-1244878929-3995975121-869711517-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Dadka\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-1244878929-3995975121-869711517-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1244878929-3995975121-869711517-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBC7F6BB-800C-4ABD-AEFB-03D59B9938C2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013.07.29 14:34:52 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.01.09 21:38:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dadka\Desktop\OTL.exe
[2014.01.07 07:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.01.07 07:36:31 | 000,000,000 | ---D | C] -- C:\rsit
[2014.01.07 06:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.01.07 06:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.01.05 21:44:09 | 000,000,000 | ---D | C] -- C:\Users\Dadka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
[2014.01.05 21:44:08 | 000,000,000 | ---D | C] -- C:\Users\Dadka\AppData\Roaming\Mediatronic
[2014.01.05 21:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\MediaCoder
[2014.01.05 19:09:06 | 000,000,000 | ---D | C] -- C:\Users\Dadka\AppData\Local\IAC
[2014.01.05 14:44:38 | 000,000,000 | ---D | C] -- C:\Users\Dadka\Profesionálové
[2014.01.04 18:30:27 | 000,000,000 | ---D | C] -- C:\Users\Dadka\AppData\Local\VideoDownloadConverter_4z
[2014.01.03 18:49:30 | 000,000,000 | ---D | C] -- C:\Users\Dadka\Mrp
[2013.12.29 17:59:46 | 000,000,000 | ---D | C] -- C:\Users\Dadka\Documents\vzpominky-soubory
[2013.12.15 21:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013.12.15 21:08:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013.12.15 21:08:40 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013.12.15 21:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2013.12.15 21:08:07 | 000,000,000 | ---D | C] -- C:\Users\Dadka\AppData\Roaming\Winamp
[2013.12.15 21:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2013.12.11 16:45:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
========== Files - Modified Within 30 Days ==========
[2014.01.09 21:41:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.09 21:38:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dadka\Desktop\OTL.exe
[2014.01.09 20:51:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.09 19:05:28 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.09 06:26:45 | 000,018,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 06:26:45 | 000,018,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 06:22:55 | 000,622,422 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.01.09 06:22:55 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.01.09 06:22:55 | 000,118,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.01.09 06:22:55 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.01.09 06:18:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.09 06:18:34 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.08 16:12:54 | 000,003,728 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2014.01.07 06:56:43 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.06 18:44:29 | 000,142,757 | ---- | M] () -- C:\Users\Dadka\Documents\vzpominky.pbf
[2014.01.05 21:44:13 | 000,000,989 | ---- | M] () -- C:\Users\Dadka\Desktop\MediaCoder.lnk
[2014.01.03 18:19:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014.01.03 18:19:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013.12.19 21:27:16 | 000,001,095 | ---- | M] () -- C:\Users\Dadka\Desktop\U.BAT.lnk
[2013.12.16 19:11:19 | 000,147,387 | ---- | M] () -- C:\Users\Dadka\Desktop\Bez názvu 1.odp
[2013.12.15 21:08:41 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
========== Files Created - No Company Name ==========
[2014.01.09 21:41:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.07 06:56:43 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.05 21:44:13 | 000,000,989 | ---- | C] () -- C:\Users\Dadka\Desktop\MediaCoder.lnk
[2014.01.03 18:19:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014.01.03 18:19:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.12.29 17:59:46 | 000,142,757 | ---- | C] () -- C:\Users\Dadka\Documents\vzpominky.pbf
[2013.12.16 19:11:17 | 000,147,387 | ---- | C] () -- C:\Users\Dadka\Desktop\Bez názvu 1.odp
[2013.12.15 21:08:41 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.10.14 22:53:35 | 000,007,605 | ---- | C] () -- C:\Users\Dadka\AppData\Local\Resmon.ResmonCfg
[2013.10.11 16:30:13 | 000,216,064 | ---- | C] () -- C:\Windows\System32\gcapi_dll.dll
[2013.10.06 17:16:47 | 000,004,608 | ---- | C] () -- C:\Users\Dadka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.06 17:17:10 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.08.05 19:50:54 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Ashampoo
[2013.10.15 21:49:14 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\AVG2014
[2013.10.24 09:10:47 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Foxit Software
[2013.08.04 14:26:14 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\GHISLER
[2014.01.05 21:44:08 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Mediatronic
[2013.08.06 06:56:34 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\OpenOffice
[2014.01.09 06:24:03 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Seznam.cz
[2013.08.04 14:20:22 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\TuneUp Software
[2013.08.04 14:35:08 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Zoner
[2013.09.13 08:50:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.09.13 08:50:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,638 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.10.11 16:30:29 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.10.11 16:30:32 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04544\ProgData\*.tmp files -> C:\Windows\Temp\avg_a04544\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04544\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a04544\ProgFiles\AVG Secure Search\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.08.05 17:07:50 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Adobe
[2013.08.05 19:50:54 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Ashampoo
[2013.10.15 21:49:14 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\AVG2014
[2013.10.24 09:10:47 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Foxit Software
[2013.08.04 14:26:14 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\GHISLER
[2013.08.04 13:41:56 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Identities
[2013.08.05 17:07:50 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Media Center Programs
[2014.01.05 21:44:08 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Mediatronic
[2013.10.01 05:58:22 | 000,000,000 | --SD | M] -- C:\Users\Dadka\AppData\Roaming\Microsoft
[2013.08.04 14:03:38 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Mozilla
[2013.08.06 06:56:34 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\OpenOffice
[2014.01.09 06:24:03 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Seznam.cz
[2013.08.04 14:20:22 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\TuneUp Software
[2014.01.07 06:58:09 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Winamp
[2013.08.04 14:40:30 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\WinRAR
[2013.08.04 14:35:08 | 000,000,000 | ---D | M] -- C:\Users\Dadka\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.01.09 06:26:45 | 000,018,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 06:26:45 | 000,018,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 06:22:55 | 000,118,604 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.01.09 06:22:55 | 000,103,370 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.01.09 06:22:55 | 000,622,422 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.01.09 06:22:55 | 000,606,992 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.01.09 06:22:55 | 001,445,734 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"cz.seznam.software.autoupdate" = "C:\Users\Dadka\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 14:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Dadka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 09:10:22 | 000,092,664 | ---- | M] ()
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
;
;Warning: Boot.ini is used on Windows XP and earlier operating systems.
;Warning: Use BCDEDIT.exe to modify Windows Vista boot options.
;
[boot loader]
timeout=1
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /NOEXECUTE=OPTIN /FASTDETECT
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.09 21:41:58 | 000,000,512 | ---- | M] () MD5=E26741672A9C76F49BC0A52DA6EDEBA0 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2014.01.08 16:12:31 | 000,004,178 | ---- | M] () -- \Program Files\AVG Secure Search\Chrome\content\icons\loader.gif
[2014.01.08 16:12:31 | 000,019,497 | ---- | M] () -- \Program Files\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.10.29 09:43:40 | 000,001,668 | ---- | M] () -- \Program Files\HF Designer\Loader.elf
[2013.10.25 09:55:42 | 000,832,064 | ---- | M] () -- \Program Files\HF Designer\Loader.exe
[2008.12.06 17:13:52 | 000,001,070 | ---- | M] () -- \Program Files\MediaCoder\extensions\_include\loader.html
[2012.02.02 15:15:34 | 000,124,200 | ---- | M] () -- \Program Files\Olympus\ib\Koan\pyloader.dll
[2012.02.02 15:15:44 | 000,033,837 | ---- | M] () -- \Program Files\Olympus\ib\subsys\DataCenter\ImageLoader.kc
[2012.02.02 15:15:52 | 000,011,648 | ---- | M] () -- \Program Files\Olympus\ib\subsys\HTMLView\pycom\win32\_win32sysloader.pyd
[2013.07.10 21:08:32 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice 4\program\javaloader.uno.dll
[2013.07.16 14:31:10 | 000,005,813 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.py
[2013.07.10 21:08:34 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.dll
[2013.07.16 14:35:46 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.ini
[2013.07.16 14:21:10 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice 4\program\classes\unoloader.jar
[2013.07.10 14:46:18 | 000,013,420 | ---- | M] () -- \Program Files\OpenOffice 4\program\python-core-2.7.5\lib\unittest\loader.py
[2013.02.19 11:07:28 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.08.04 14:19:57 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\15.1.0.2\modules\skin\ajax-loader.gif
[2013.08.04 14:19:57 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\15.1.0.2\modules\skin\loader.gif
[2013.08.06 17:17:07 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5\modules\skin\ajax-loader.gif
[2013.08.06 17:17:07 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5\modules\skin\loader.gif
[2013.08.15 12:46:39 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\ajax-loader.gif
[2013.08.15 12:46:39 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\loader.gif
[2013.09.28 12:13:40 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.0.0.9\modules\skin\ajax-loader.gif
[2013.09.28 12:13:40 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.0.0.9\modules\skin\loader.gif
[2013.10.02 18:57:40 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12\modules\skin\ajax-loader.gif
[2013.10.02 18:57:40 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12\modules\skin\loader.gif
[2013.11.11 13:41:23 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\ajax-loader.gif
[2013.11.11 13:41:23 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\loader.gif
[2013.12.09 12:20:06 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.2.0.38\modules\skin\ajax-loader.gif
[2013.12.09 12:20:06 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.2.0.38\modules\skin\loader.gif
[2014.01.08 16:12:31 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\ajax-loader.gif
[2014.01.08 16:12:31 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\loader.gif
[2013.08.04 14:19:57 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\15.1.0.2\modules\skin\ajax-loader.gif
[2013.08.04 14:19:57 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\15.1.0.2\modules\skin\loader.gif
[2013.08.06 17:17:07 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\15.4.0.5\modules\skin\ajax-loader.gif
[2013.08.06 17:17:07 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\15.4.0.5\modules\skin\loader.gif
[2013.08.15 12:46:39 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\ajax-loader.gif
[2013.08.15 12:46:39 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\loader.gif
[2013.09.28 12:13:40 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.0.0.9\modules\skin\ajax-loader.gif
[2013.09.28 12:13:40 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.0.0.9\modules\skin\loader.gif
[2013.10.02 18:57:40 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.0.1.12\modules\skin\ajax-loader.gif
[2013.10.02 18:57:40 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.0.1.12\modules\skin\loader.gif
[2013.11.11 13:41:23 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\ajax-loader.gif
[2013.11.11 13:41:23 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\loader.gif
[2013.12.09 12:20:06 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.2.0.38\modules\skin\ajax-loader.gif
[2013.12.09 12:20:06 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.2.0.38\modules\skin\loader.gif
[2014.01.08 16:12:31 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\ajax-loader.gif
[2014.01.08 16:12:31 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\loader.gif
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Dadka\AppData\Roaming\Seznam.cz\bin\7366libfoxloader.dll
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Dadka\AppData\Roaming\Seznam.cz\bin\7369libfoxloader-x64.dll
[2013.08.04 14:26:35 | 000,000,164 | ---- | M] () -- \Users\Dadka\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.02.19 11:07:28 | 000,030,608 | ---- | M] () -- \Users\Dadka\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Dadka\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Dadka\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2014.01.06 18:40:56 | 000,027,608 | ---- | M] () -- \Windows\Prefetch\LOADER.EXE-FE74B447.pf
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2014.01.08 16:12:31 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a04544\ProgData\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\ajax-loader.gif
[2014.01.08 16:12:31 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a04544\ProgData\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\loader.gif
[2014.01.08 16:12:31 | 000,004,178 | ---- | M] () -- \Windows\Temp\avg_a04544\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
[2014.01.08 16:12:31 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a04544\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.11.01 08:57:59 | 000,032,768 | ---- | M] () -- \Users\Dadka\AppData\Local\HF Designer\{C9BD208B-32AB-4CEA-8D67-E5E83797F8BE}\mdbu\Locations!IX_VolumeSerialNumber_Location.ind
[2013.11.01 08:57:59 | 000,008,192 | ---- | M] () -- \Users\Dadka\AppData\Local\HF Designer\{C9BD208B-32AB-4CEA-8D67-E5E83797F8BE}\mdbu\Media!IX_VolumeSerialNumber.ind
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.07.14 05:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009.07.14 05:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
a zde Extras.txt:
OTL Extras logfile created on: 9.1.2014 21:40:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dadka\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 70,70% Memory free
6,00 Gb Paging File | 5,04 Gb Available in Paging File | 83,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 203,36 Gb Free Space | 68,22% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 78,65 Gb Free Space | 80,54% Space Free | Partition Type: NTFS
Drive E: | 135,22 Gb Total Space | 132,07 Gb Free Space | 97,67% Space Free | Partition Type: NTFS
Computer Name: DADKA-PC | User Name: Dadka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1244878929-3995975121-869711517-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11B4C255-9AE1-4FB8-B163-7357B2AA9228}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{293249F4-6F43-48E8-BB1C-9266DF62BC89}" = rport=445 | protocol=6 | dir=out | app=system |
"{2A11A758-ED51-4041-A609-249E6A8B96F9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31E5600A-03F4-44E3-9EAE-100401313F3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{432C3584-8EAF-4B15-850D-140937709BD6}" = rport=137 | protocol=17 | dir=out | app=system |
"{5B5B6FA0-E1BE-40FF-AC40-C4F4EB0073D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{7966D8EE-2074-473B-A09A-4E46E1779B0F}" = lport=137 | protocol=17 | dir=in | app=system |
"{7F135A97-DE50-4960-AA45-C3EBFF143CA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{96ABB396-FCE8-48D4-BD47-DF3619B268C9}" = lport=139 | protocol=6 | dir=in | app=system |
"{A42ACC14-963F-450D-99D2-2A5D61C017FB}" = lport=3389 | protocol=6 | dir=in | app=system |
"{B33327B3-0633-4A5E-A22B-469A700CA35B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BFB362E3-FF63-44E1-A468-F90B845E89D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{CE3F8DAE-35F1-4BBC-BB8A-84DA0ED03786}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0CB55F9-3460-4DAC-8636-51F0AB8BB249}" = lport=445 | protocol=6 | dir=in | app=system |
"{FBDE5931-B4CE-4FFD-8550-B20EAE45127C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A4CE1A-9763-4A5E-8D66-C511150C0FE7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{15DFB58E-ADEF-4559-A3DA-975BD87DA00F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1ADE78C2-9AC9-4BEA-B5B2-EB7A3BACFF9A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{1B690144-0CB7-4D85-9CDC-C4404D447919}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{31B00223-C10F-4508-B4E2-FF658D6395C3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{4DC200AC-3814-403B-BC84-53980594F6D2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6C031188-7B7E-4E57-AA94-BC4A55460D2C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{7AD133D1-5FCC-493D-9DC9-517A3F206253}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"{7C321FCE-25D3-4CDF-8A37-0D51286DEC1C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{8E9E8317-DBCC-455B-8E86-F859B374D43F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9CDF348F-E938-4FC4-A889-319D54BD9744}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9D5C1708-C138-4BF8-AA59-C1984BE576A8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{A07A73FB-CF2B-44FD-8AD3-5AA5215F8A78}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A91F07DD-76F8-4123-8F28-45A27F915E07}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AE6F1A1F-ECCE-4BF5-9D0E-9117A5F95863}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"{B8B7C91A-1556-4D67-BD9D-54E0A8419009}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{C8D13137-3CF4-465F-8CCC-7DD58EA13461}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{3B97ADB7-3DA1-4964-BC10-68384BA6A66F}" = AVG 2014
"{49AEFEAB-A10B-4E8E-B577-2287ACA2B8AF}" = AVG 2014
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F524A2D-5637-006A-76A7-A758B70C0901}" = Ask Toolbar
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.5
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A81E275C-C1D1-473D-90D9-7EAE310550C7}" = OpenOffice 4.0.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2014
"AVG Secure Search" = AVG Security Toolbar
"CCleaner" = CCleaner
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"HappyFoto-Designer_is1" = HF Designer 4.4
"InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"MediaCoder" = MediaCoder 0.8.28.5582
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"Totalcmd" = Total Commander (Remove or Repair)
"VideoDownloadConverter_4zbar Uninstall Internet Explorer" = VideoDownloadConverter Internet Explorer Toolbar
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1244878929-3995975121-869711517-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.12.2013 5:15:20 | Computer Name = Dadka-PC | Source = Application Hang | ID = 1002
Description = Program Zps.exe verze 10.0.1.1 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: cb8 Čas
spuštění: 01cefef62ffb9df1 Čas ukončení: 15 Cesta k aplikaci: C:\Program Files\Zoner\Photo
Studio 10\Program\Zps.exe ID hlášení: 9168b3d0-6ae9-11e3-873b-0016e68d4936
Error - 22.12.2013 5:15:38 | Computer Name = Dadka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Zps.exe, verze: 10.0.1.1, časové razítko:
0x46fe22ba Název chybujícího modulu: MSVCR80.dll, verze: 8.0.50727.4927, časové
razítko: 0x4a2752ff Kód výjimky: 0xc0000006 Posun chyby: 0x000173bd ID chybujícího
procesu: 0x8dc Čas spuštění chybující aplikace: 0x01cefef6591c044d Cesta k chybující
aplikaci: C:\Program Files\Zoner\Photo Studio 10\Program\Zps.exe Cesta k chybujícímu
modulu: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
ID
zprávy: 9eced2ba-6ae9-11e3-873b-0016e68d4936
Error - 22.12.2013 5:15:38 | Computer Name = Dadka-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru F:\kostel sv. Antonina\PC301054.JPG
z jednoho z těchto důvodů: došlo k problému s připojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo
disk chybí. Systém Windows kvůli této chybě ukončil program Zoner Photo Studio 10.
Program:
Zoner Photo Studio 10 Soubor: F:\kostel sv. Antonina\PC301054.JPG Hodnota chyby je
uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat
o dočasný problém, který se při novém spuštění programu nebude opakovat. 2. Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 5
Error - 28.12.2013 5:48:26 | Computer Name = Dadka-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.12.2013 6:24:03 | Computer Name = Dadka-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 3.1.2014 13:34:32 | Computer Name = Dadka-PC | Source = Application Hang | ID = 1002
Description = Program burningstudio2013.exe verze 11.0.5.38 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 948 Čas spuštění: 01cf08a9c111d4fb Čas ukončení: 60000 Cesta k aplikaci:
C:\Program Files\Ashampoo\Ashampoo Burning Studio 2013\burningstudio2013.exe ID hlášení:
223d6d37-749d-11e3-b46b-0016e68d4936
Error - 4.1.2014 8:05:19 | Computer Name = Dadka-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.1.2014 21:24:59 | Computer Name = Dadka-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 8.1.2014 3:34:05 | Computer Name = Dadka-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 9.1.2014 2:07:32 | Computer Name = Dadka-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 8.1.2014 14:55:59 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 14:57:00 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:01:00 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:02:00 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:03:00 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:23:01 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:24:01 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:27:01 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 15:59:01 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
Error - 8.1.2014 16:17:02 | Computer Name = Dadka-PC | Source = srv | ID = 2017
Description = Server nemůže vyhradit paměť ze systémového nestránkovaného fondu,
protože bylo dosaženo nastaveného limitu vyhrazení nestránkovaného fondu.
< End of report >
Díky. Cecil007
Stahnete OTL 
Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
